Report - track.writive-resica.com/8e40deb9-157e-48a3-ac6f-42153414bd98

Report Overview

Submitted URL
track.writive-resica.com/8e40deb9-157e-48a3-ac6f-42153414bd98
IP
18.195.195.71
ASN
#16509 AMAZON-02
Submitted
2023-03-27 21:00:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	53 kB	34.120.237.76
track.writive-resica.com	unknown	2020-11-21T14:39:32Z	2023-03-29T05:53:56Z	392 B	1.5 kB	18.195.195.71
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.186.110.4
16.winprizes716.monster	unknown	2023-03-24T04:55:39Z	2023-03-28T13:56:43Z	17 kB	140 kB	45.76.148.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-27 21:00:14	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	320 B	2023-03-07	2024-04-19
Pretty URL 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:29 Last Seen2024-04-19 12:42:09 Times Seen1741 Hash 5a138d18c716ab6599b013b3d18a72e6 bda75ea2d287242cbe7371a9301ca9ecca65ede2 be1a27ecb4603f966443348ac4450ae8d6ffdce4c75151da6d29eb52f994e8cd Loading...

	poavoabe.net/pfe/current/micro.tag.min.js?z=5821978&sw=/sw-check-permissions-e5afb.js	41 kB	2023-03-26	2023-07-15
Pretty URL poavoabe.net/pfe/current/micro.tag.min.js?z=5821978&sw=/sw-check-permissions-e5afb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:36:09 Last Seen2023-07-15 19:09:01 Times Seen1562 Hash 39e2c858ae674bcd586c05c4ce804985 1b4877d33ff9ff907345036cdcaa40819ec32e5d 986b86e6675d511be045876f03623f7c3d7fd944fe2c5b75e2edc2bcd88a8b4a Loading...

	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	268 B	2023-03-07	2023-05-14
Pretty URL 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:32 Last Seen2023-05-14 09:15:06 Times Seen119 Hash 3bdd9273e4f5a05cbe577a6b8425a77b 2819529868c8c1762d09ee517da0ff390bc052ca 9efff2ae29f08faeadeede4faf51078ed7ca08b04e08fe5e5d877c12ad5c98ac Loading...

	16.winprizes716.monster/eng/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5	150 kB	2023-03-07	2023-06-16
Pretty URL 16.winprizes716.monster/eng/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2023-06-16 16:34:17 Times Seen281 Hash 0c692a9e402388a3b054f2ca2695b38f b5741c961c38662a21476d3e8784151c4694298a fc86772a012196066b792a1d1c2ee209f98e0486061164725cf777a9645cd657 Loading...

	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	102 B	2023-03-29	2023-03-29
Pretty URL 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:25:54 Last Seen2023-03-29 23:25:54 Times Seen1 Hash 7f44351d88d10d788165e7b1b1f55605 07bfb4704f491a8c9d5473bdad02d5704608e5d9 b96626842ffcd076f6b45d8746906ae80938fa62eda7f2a6b0b04675ad08f382 Loading...

	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	496 B	2023-03-29	2023-12-27
Pretty URL 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:38:15 Last Seen2023-12-27 20:28:17 Times Seen216 Hash 2a0215ab15a519ac544e1e872c9348f2 657b1371075ef1380736f31a646ca96290deecde f7c55912c3a7326dfd2d9496c123fadec7c694c826a72339f01b48e7fc6bbafe Loading...

	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	145 B	2023-03-07	2023-05-21
Pretty URL 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:32 Last Seen2023-05-21 16:05:38 Times Seen199 Hash 3ae1f47e7707722faccbe92f1f00379b 4f5b24dd09f1d9111ba89eed93aa52a85129e070 8176d96b16ae7586bc844ac1e913ee5620918adf8f4e83f05d84027a0482600c Loading...

	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	731 B	2023-03-07	2024-04-15
Pretty URL 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-15 12:08:38 Times Seen1697 Hash 4c6e9aede3b035d2a54844ddc88b93b0 f4cc613ce26cb24038821cc1d292f038ffdc9d01 023d5b59c6ff0e9b4fe0f8b4da8436c945f636c0e8ebbc8e84d4a32d6f299ab6 Loading...

	16.winprizes716.monster/eng/js/app.js?id=0601d5f2aaa1656cef1f	977 B	2023-03-07	2023-06-16
Pretty URL 16.winprizes716.monster/eng/js/app.js?id=0601d5f2aaa1656cef1f IP 45.76.148.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:43 Last Seen2023-06-16 16:34:17 Times Seen255 Hash 0601d5f2aaa1656cef1fc6df860fe841 979fef5126b0bc9736a817330885d11ceaba74d4 121246f5ad90eb8c8576e4f833958cd8a6dc4e0ce5cac3a98480289eb2358e9a Loading...

		Size	First Seen	Last Seen
	#1 Eval - 343d5384b91d7a1e87f69b731518a187	79 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 23:25:54 Last Seen2023-03-29 23:25:54 Times Seen1 Hash 343d5384b91d7a1e87f69b731518a187 2740e7882be4ff3c4a3f2524c5787220300d76ce d96f91cddd2d15e9281a097db5ce45f06cc0ad742b0ba83f23f546ffb1e0e597 Loading...

HTTP Transactions (39)

	URL	IP	Response	Size
	track.writive-resica.com/8e40deb9-157e-48a3-ac6f-42153414bd98	18.195.195.71	302	0 B
URL HTTP/1.1 track.writive-resica.com/8e40deb9-157e-48a3-ac6f-42153414bd98 IP 18.195.195.71:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /8e40deb9-157e-48a3-ac6f-42153414bd98 HTTP/1.1 Host: track.writive-resica.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Server: nginx Date: Mon, 27 Mar 2023 20:59:55 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Pragma: no-cache Set-Cookie: 8e40deb9-157e-48a3-ac6f-42153414bd98-v4=gvbeNBXhmIQAH0K3PFNBFiITc7VjZOZm_ftamn1oP6s; Max-Age=86400; Expires=Tue, 28-Mar-2023 20:59:55 GMT; Domain=track.writive-resica.com; Path=/; HttpOnly cep-v4=BDnIjLwXctFZcWqdfqggBGRZoU97zs5rCZTnkb7j2iSLZRMqXhSXWKCYT0RgqGDbuwzYxjwAkN3oAoliUz4pQbISH7LBI7K_3_adyEKNUtseOQp02zJ0y6Ag2e0hZZiTiIFvz6CwV2HeNt0jXOAAgmBsdXreV3mZbctsE50O_qJa9O1CTlV9dymI6U6UB_ggrkztJraKQpYXrXzoYQvx4pMgVAo0VGJGcFyHebtvIo5BTwFfFPsT6K49QESDb5P5xmb_CGZGVDDWJZrMzt-Mm1YTRX3zPD_Cn4jxXV4Gr4iR25DbQpDB3jHijidKitJXnceG-4_1_Jq1pDEaaYzsglNpEsvLxn8m6dIMGzitM-j8gNArlaO0MVRa_w9893_RT0n-a9VhVwN8FSniZVspMw; Max-Age=86400; Expires=Tue, 28-Mar-2023 20:59:55 GMT; Domain=track.writive-resica.com; Path=/; HttpOnly

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5012 Expires: Mon, 27 Mar 2023 22:23:27 GMT Date: Mon, 27 Mar 2023 20:59:55 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 911d74784325663a0d95b463b0e9ae9b 21e999229be584d8e42696bce71236ad5bcb9a25 f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5089 Expires: Mon, 27 Mar 2023 22:24:44 GMT Date: Mon, 27 Mar 2023 20:59:55 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 27 Mar 2023 20:15:45 GMT content-type: application/json age: 2650 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16234 Expires: Tue, 28 Mar 2023 01:30:29 GMT Date: Mon, 27 Mar 2023 20:59:55 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: Q1yaafhEx540wmsKbBmhCuTenRg8BKgk5ynb2Yw3tNE27dMwOmXFAAjFX6l+7vSRLZ1jPTUnI+Y= x-amz-request-id: VJVC6SJ97TGS1BPQ x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 27 Mar 2023 20:55:55 GMT age: 240 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:55 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 27 Mar 2023 20:17:24 GMT age: 2552 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 76a0aba3ddb470751c690f5a725159f2 8cb789e8e0dfa336270700ef1e607173f2aee6cd e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8240 Expires: Mon, 27 Mar 2023 23:17:16 GMT Date: Mon, 27 Mar 2023 20:59:56 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.186.110.4	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.186.110.4:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 19u0g91CGjjYMDX0+QMApQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: mIF53pF6nwc0VVTW4Q71cW4fWV8=`

	16.winprizes716.monster/eng/img/landers/prizewheel-fb/notification.png	45.76.148.82	200 OK	449 B
URL HTTP/2 16.winprizes716.monster/eng/img/landers/prizewheel-fb/notification.png IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data Size 449 B (449 bytes) Hash bd5203f2cc9e7a9125e4575e029541b0 9fa565ab2f4b55da4735b79e529562252b3c9afe db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f HTTP Headers GET /eng/img/landers/prizewheel-fb/notification.png HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: image/png content-length: 449 last-modified: Fri, 24 Mar 2023 01:58:09 GMT etag: "1c1-5f79bb9968761" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/landers/prizewheel-fb/prizewheel_spinner.jpg	45.76.148.82	200 OK	32 kB
URL HTTP/2 16.winprizes716.monster/eng/img/landers/prizewheel-fb/prizewheel_spinner.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data Size 32 kB (32496 bytes) Hash d4655cba21d806e849eed4e4119fbe1a 6453039d85005643e9d65074ca022f63b5d47cdd 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7 HTTP Headers GET /eng/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: image/jpeg content-length: 32496 last-modified: Fri, 24 Mar 2023 01:58:09 GMT etag: "7ef0-5f79bb998aa42" accept-ranges: bytes X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d936cacf7578ae67595f47ac719abcce 4e863a34b9e2f83f8e9bb6eeb310fc31d58bf082 4eab7483c4d822c76c8e124d2966c1e90d88386f844cb7a3d1c857ccee1dfc50 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4EAB7483C4D822C76C8E124D2966C1E90D88386F844CB7A3D1C857CCEE1DFC50" Last-Modified: Mon, 27 Mar 2023 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6339 Expires: Mon, 27 Mar 2023 22:45:36 GMT Date: Mon, 27 Mar 2023 20:59:57 GMT Connection: keep-alive`

	16.winprizes716.monster/eng/img/prizes/iphone-12-pro-max/default@0.5x.png	45.76.148.82	200 OK	36 kB
URL HTTP/2 16.winprizes716.monster/eng/img/prizes/iphone-12-pro-max/default@0.5x.png IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data Size 36 kB (35519 bytes) Hash 3425f87a8def62d878b3fbf8f930dee2 961688eb1d3c97e9ed61199b0fcd32e60d1d3467 7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d HTTP Headers GET /eng/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: image/png content-length: 35519 last-modified: Fri, 24 Mar 2023 01:58:10 GMT etag: "8abf-5f79bb9a51dc8" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/landers/prizewheel-fb/loader.gif	45.76.148.82	200 OK	5.1 kB
URL HTTP/2 16.winprizes716.monster/eng/img/landers/prizewheel-fb/loader.gif IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type GIF image data, version 89a, 50 x 50\012- data Size 5.1 kB (5083 bytes) Hash ed786659a534e0d183c09a90c50abc9d a6c3d90bfaa86a7cda490bc5d04c8939c31a414e cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97 HTTP Headers GET /eng/img/landers/prizewheel-fb/loader.gif HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: image/gif content-length: 5083 last-modified: Fri, 24 Mar 2023 01:58:09 GMT etag: "13db-5f79bb9968761" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/css/app.css?id=c588c17324f2be0e0ec9	45.76.148.82	200 OK	15 kB
URL HTTP/2 16.winprizes716.monster/eng/css/app.css?id=c588c17324f2be0e0ec9 IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type ASCII text, with no line terminators Size 15 kB (14605 bytes) Hash a4407eddf90242acb7e26e27f9969208 44049ce9cdcbf0f72cd9b39e8a997b5b524b9456 9235b9eb449e6fe01d2896ef04c7c8d632be1a4a26cac6379706beb7489dc412 HTTP Headers GET /eng/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: text/css vary: Accept-Encoding last-modified: Fri, 24 Mar 2023 01:58:07 GMT etag: W/"21-5f79bb9805f75" content-encoding: br X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4361 Expires: Mon, 27 Mar 2023 22:12:38 GMT Date: Mon, 27 Mar 2023 20:59:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4361 Expires: Mon, 27 Mar 2023 22:12:38 GMT Date: Mon, 27 Mar 2023 20:59:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4361 Expires: Mon, 27 Mar 2023 22:12:38 GMT Date: Mon, 27 Mar 2023 20:59:57 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4361 Expires: Mon, 27 Mar 2023 22:12:38 GMT Date: Mon, 27 Mar 2023 20:59:57 GMT Connection: keep-alive`

	16.winprizes716.monster/eng/img/landers/prizewheel-fb/prizewheel_static.png	45.76.148.82	200 OK	3.4 kB
URL HTTP/2 16.winprizes716.monster/eng/img/landers/prizewheel-fb/prizewheel_static.png IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data Size 3.4 kB (3370 bytes) Hash dc484e0043b5ff6191b1880c8779863c a5b67e3dff3dea3940eed090431aecbb36611b1d 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6 HTTP Headers GET /eng/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/png content-length: 3370 last-modified: Fri, 24 Mar 2023 01:58:09 GMT etag: "d2a-5f79bb998aa42" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/profiles/african/female/3@0.25x.jpg	45.76.148.82	200 OK	2.7 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/female/3@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 2.7 kB (2727 bytes) Hash 2790f79b7e764407ae4b87a9dc30734b 30f0a1e4d30ac25108f2d0487f49944fbe630b72 8970ba9af5b39727ac25d42ab540c42ae7f58de4011fadb8efd2f5f317a8d575 HTTP Headers GET /eng/img/profiles/african/female/3@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 2727 last-modified: Fri, 24 Mar 2023 01:58:11 GMT etag: "aa7-5f79bb9b91332" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/profiles/african/male/3@0.25x.jpg	45.76.148.82	200 OK	2.5 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/male/3@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 2.5 kB (2518 bytes) Hash 2c188d082f97b0a5b29c92dbaf7a9787 f2a3828b68ba4d06d450832a977c48a22360d5eb afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0 HTTP Headers GET /eng/img/profiles/african/male/3@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 2518 last-modified: Fri, 24 Mar 2023 01:58:12 GMT etag: "9d6-5f79bb9c4abf8" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/profiles/african/male/10@0.25x.jpg	45.76.148.82	200 OK	2.3 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/male/10@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 2.3 kB (2302 bytes) Hash 2ec37a714ba9202b2492cc1eff504041 29d005604784110044c80c13610ec1fe946a7d83 278b0f8b52650d39e549fc69ea49d62d3bdd0c41b3ffd939da265842b6e40369 HTTP Headers GET /eng/img/profiles/african/male/10@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 2302 last-modified: Fri, 24 Mar 2023 01:58:12 GMT etag: "8fe-5f79bb9c298b7" accept-ranges: bytes X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM69eHE3IAMF0Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 05:36:52 GMT age: 55385 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	16.winprizes716.monster/eng/img/profiles/african/female/6@0.25x.jpg	45.76.148.82	200 OK	2.8 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/female/6@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 2.8 kB (2766 bytes) Hash af242991b9a56424739c63a6bd4090a7 7b41b3b2cfbbe69a865efa8863883bf029738b6e c53bda952fa4ca1869dfb4fd7db948ef87f1a8c8f2e6633e2320465f01f0829f HTTP Headers GET /eng/img/profiles/african/female/6@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 2766 last-modified: Fri, 24 Mar 2023 01:58:11 GMT etag: "ace-5f79bb9bb16d3" accept-ranges: bytes X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10591 bytes) Hash 668a8a17a1bb77ea7db7fa23c9df9690 242108539ff8694a3c557d07b2b000e764a77f24 100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10591 x-amzn-requestid: 8359ddc1-a6c6-4caf-9de3-f2eb4dcb0c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CaIO-F0QIAMF5_A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6420ba5f-72ee066911fdddb62c4a201d;Sampled=0 x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: hfm1xuKZ-Olu263DvYfbYlEnANaiIL9e7jEDUqDAf3ihT5N2HAdyIA== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:49:30 GMT age: 83427 etag: "242108539ff8694a3c557d07b2b000e764a77f24" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg	34.120.237.76	200 OK	4.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.8 kB (4775 bytes) Hash 8cc79a830964d923d24a45f5ccc9939b 557cc4827414912c41319ad961c14cce71ed4a18 b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4775 x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CK96KF9coAMFvMA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: psNReeBG7nAuKQXIMl1zwCVmvtZ-xwn6Fx8oAIX4wi4GCNUWNWOGMA== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 22:12:36 GMT age: 82041 etag: "557cc4827414912c41319ad961c14cce71ed4a18" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg	34.120.237.76	200 OK	3.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.6 kB (3589 bytes) Hash 1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3589 x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uyE2joAMF50g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:37:24 GMT age: 84153 etag: "bf61369962342cce85de8f48942b4b150fd2721e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	16.winprizes716.monster/eng/img/profiles/african/male/9@0.25x.jpg	45.76.148.82	200 OK	3.1 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/male/9@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 3.1 kB (3146 bytes) Hash 4c30d4f61201b822adcfa58dbe32389c 9d9edd23a3b074135d9e043b5d1e52d8dbe29c91 19d491c137daf159170ed6d6340c33b11806347b18b2e89840989b914346d9f4 HTTP Headers GET /eng/img/profiles/african/male/9@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 3146 last-modified: Fri, 24 Mar 2023 01:58:12 GMT etag: "c4a-5f79bb9c4ea78" accept-ranges: bytes X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10405 bytes) Hash 22905e8a7c8b1741dd51842c114a6517 c5900fe2396e0ca371c4847af4e96149850c3577 1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10405 x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CRi69E9xoAMFiJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0 x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 05:54:17 GMT age: 54340 etag: "c5900fe2396e0ca371c4847af4e96149850c3577" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12017 bytes) Hash e999a9d79efe60a30b2942c5f2940294 c3891c43b16521f66eb3a52d83694de2ddd39871 290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12017 x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ca6yQGNtoAMFsxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg== via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 03:34:08 GMT age: 62749 etag: "c3891c43b16521f66eb3a52d83694de2ddd39871" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	16.winprizes716.monster/eng/img/prizes/iphone-12-pro-max/proof.jpg	45.76.148.82	200 OK	23 kB
URL HTTP/2 16.winprizes716.monster/eng/img/prizes/iphone-12-pro-max/proof.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data Size 23 kB (23152 bytes) Hash 029d38095e06ced0688fd67a58e70781 b5bdaddeb39b947c35f883f001f34dd163bcb362 5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1 HTTP Headers GET /eng/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 23152 last-modified: Fri, 24 Mar 2023 01:58:10 GMT etag: "5a70-5f79bb9a52d68" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/js/app.js?id=0601d5f2aaa1656cef1f	45.76.148.82	200 OK	2.4 kB
URL HTTP/2 16.winprizes716.monster/eng/js/app.js?id=0601d5f2aaa1656cef1f IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type ASCII text, with very long lines (977), with no line terminators Size 2.4 kB (2402 bytes) Hash 23cb29c70534a45612083f472863f5d6 e25dd05a53ef84699df12c3af16c4c807af19242 8053bb9aab3f1ffb1e04926cd02f779d452d77c88b8fd748ca78e6a93b6e4fbf HTTP Headers GET /eng/js/app.js?id=0601d5f2aaa1656cef1f HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Fri, 24 Mar 2023 01:58:08 GMT etag: W/"3d1-5f79bb989f49a" content-encoding: br X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/profiles/african/female/1@0.25x.jpg	45.76.148.82	200 OK	2.8 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/female/1@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 2.8 kB (2781 bytes) Hash 9ef452251daa9ff9fbdc5fe827a35061 2cb40a02efce5fd8772f57b8e9737018fed3f9ba 355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1 HTTP Headers GET /eng/img/profiles/african/female/1@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 2781 last-modified: Fri, 24 Mar 2023 01:58:11 GMT etag: "add-5f79bb9b7cb11" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/img/profiles/african/male/2@0.25x.jpg	45.76.148.82	200 OK	2.1 kB
URL HTTP/2 16.winprizes716.monster/eng/img/profiles/african/male/2@0.25x.jpg IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data Size 2.1 kB (2053 bytes) Hash 0f15632c24d4646c58f30feaa3baaa8a a7f319366432f5a63d7f11d30b0a6c9cb6398b64 4118d09fb21a7f34160f470078f6dcba042e8a07e2b4e32de12a4dcd9c5e7da8 HTTP Headers GET /eng/img/profiles/african/male/2@0.25x.jpg HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:57 GMT content-type: image/jpeg content-length: 2053 last-modified: Fri, 24 Mar 2023 01:58:12 GMT etag: "805-5f79bb9c2a857" accept-ranges: bytes X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581	45.76.148.82	200 OK	0 B
URL HTTP/2 16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type Size 0 B (0 bytes) Hash HTTP Headers GET /eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: text/html vary: Accept-Encoding last-modified: Fri, 24 Mar 2023 08:06:33 GMT etag: W/"3059-5f7a0df14169b" content-encoding: br X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5	45.76.148.82	200 OK	0 B
URL HTTP/2 16.winprizes716.monster/eng/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type Size 0 B (0 bytes) Hash HTTP Headers GET /eng/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Fri, 24 Mar 2023 01:58:11 GMT etag: W/"24ab5-5f79bb9b5a830" content-encoding: br X-Firefox-Spdy: h2`

	16.winprizes716.monster/eng/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444	45.76.148.82	200 OK	0 B
URL HTTP/2 16.winprizes716.monster/eng/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 IP 45.76.148.82:0 ASN #20473 AS-CHOOPA File type Size 0 B (0 bytes) Hash HTTP Headers GET /eng/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1 Host: 16.winprizes716.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://16.winprizes716.monster/eng/phindexn3.html?city=Oslo&model=Desktop&brand=Desktop&cep=bGZp2cU-eHxEgrckM-poApw0U6vbAZINjg7gBeFBTEUbK5hKeJ4oMcemRP5g2sy6yrFhgncB0ZyoAra6dTaiaQIAJ54T_Nv1eBQJlS25jPR-1IsOAkjs6tyjWEjMX52vyHBP3opuQNsxvmu0v1pe732uZrSYPK0ommdLae4MhV1BdQxanSma34BeAhOec4UJVGHjm5i13L-Q5msBkPtq4jvhIbmt2M_XjmlXphSUKihPrhAXgaC6QbNuaba9Ls0zDfPMBA-bsUvPbaEAn7dg2obX_l9ktm-f5yAZihnD0HW4ipEOHUuR5EGTt7dEpYDEoBl-Bvw6mDyCq5dr0r0qkASlEWMLlAEvlne3wQn965WVelZbq6JUoylXrHrOInT9jSEYI3uvStPloJfAYlbokw&lptoken=160c7902951225d29581 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:59:56 GMT content-type: text/css vary: Accept-Encoding last-modified: Fri, 24 Mar 2023 01:58:08 GMT etag: W/"da7-5f79bb98e1b1c" content-encoding: br X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML