Overview

URL44.winprizes544.digital/myaff2icu/index.php
IP 45.76.148.82 (Singapore)
ASN#20473 AS-CHOOPA
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-23 11:57:55 UTC
StatusLoading report..
IDS alerts0
Blocklist alert0
urlquery alerts
4
Scam / Brand infringement
Scam / Brand infringement
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-23 05:36:46 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.167.231.108
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (5) 344 No data No data 23.36.76.226
44.winprizes544.digital (23) 0 No data No data 45.76.148.82 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-23 05:36:31 UTC 34.102.187.140

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82
Date UQ / IDS / BL URL IP
2023-02-07 10:56:56 +0000 1 - 0 - 0 50.winprizes550.digital/myppush1/index.php?ci (...) 45.76.148.82
2023-02-07 04:35:48 +0000 0 - 0 - 1 78.winprizes678.monster/ph1/eng1ppn2.html?cit (...) 45.76.148.82
2023-02-07 03:27:57 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php?c (...) 45.76.148.82
2023-02-07 02:31:53 +0000 0 - 0 - 4 62.winprizes662.monster/eng/phengnotix4.html? (...) 45.76.148.82
2023-02-06 21:56:16 +0000 0 - 0 - 1 78.winprizes678.monster/ph1/eng1ppn2.html?cit (...) 45.76.148.82


Last 5 reports on ASN: AS-CHOOPA
Date UQ / IDS / BL URL IP
2023-02-07 19:56:21 +0000 1 - 0 - 2 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8
2023-02-07 19:26:55 +0000 0 - 1 - 0 zagent365.zspeed-cdn.com/static/v2/among-us-t (...) 155.138.146.150
2023-02-07 15:51:59 +0000 0 - 1 - 0 zagent370.zspeed-cdn.com/static/v2/Practical- (...) 136.244.112.152
2023-02-07 15:49:18 +0000 4 - 7 - 0 mayank1099.duckdns.org/panel/28662d9.php 104.238.156.38
2023-02-07 14:37:19 +0000 0 - 0 - 18 dontstopthismusics.com 45.77.77.25


Last 5 reports on domain: winprizes544.digital
Date UQ / IDS / BL URL IP
2023-02-07 03:27:57 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php?c (...) 45.76.148.82
2023-02-05 20:56:24 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php 45.76.148.82
2023-02-05 08:54:51 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php 45.76.148.82
2023-02-04 17:55:35 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php 45.76.148.82
2023-02-03 16:56:44 +0000 1 - 0 - 0 44.winprizes544.digital/myaff2icu/index.php?c (...) 45.76.148.82


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-07 19:56:21 +0000 1 - 0 - 2 47.winprizes147.digital/mx2/mxwr22.html?city= (...) 217.69.14.8
2023-02-07 10:56:56 +0000 1 - 0 - 0 50.winprizes550.digital/myppush1/index.php?ci (...) 45.76.148.82
2023-02-07 07:53:47 +0000 1 - 0 - 2 mxsupergifts.digital/alwheelpropmx/index.html 217.69.13.14
2023-02-07 06:01:10 +0000 1 - 0 - 7 www.your-lucky-days.xyz/sweeps/iPhoneXS-EN-Sp (...) 54.230.111.40
2023-02-07 05:56:49 +0000 1 - 1 - 1 track.rendan-compto.com/9ed5687a-5907-4b78-81 (...) 18.195.128.171

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (6)
#1 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#2 JavaScript::Write (size: 11) - SHA256: 3982730cff060e8a80aef0c0236b0442f3f52b0453216f72b8a922fd28d7bf40
21 November
#3 JavaScript::Write (size: 11) - SHA256: 8709742caac9a7af1f9ec325318d264fc6662b0245b9732e6ca734967fc23f14
20 November
#4 JavaScript::Write (size: 11) - SHA256: a0ed60ffcccb029188c0fa7dd63537791f04c03f6e35201a563e9933a7f578fa
19 November
#5 JavaScript::Write (size: 22) - SHA256: 38873b6b69534e7576d1157f92234008a552a2f444122dbb4167cb879785ef60
Rabu, 23 November 2022
#6 JavaScript::Write (size: 4) - SHA256: 30a40ac951ce96e481525144a5f1dad758748ed7a93913367a772e55b54ce9ba
Rabu


HTTP Transactions (41)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8443
Expires: Wed, 23 Nov 2022 14:18:27 GMT
Date: Wed, 23 Nov 2022 11:57:44 GMT
Connection: keep-alive

                                        
                                            GET /myaff2icu/index.php HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.76.148.82
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Wed, 23 Nov 2022 11:57:44 GMT
Content-Length: 434
Connection: keep-alive
Location: https://44.winprizes544.digital/myaff2icu/index.php


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   434
Md5:    ddbfb93668af86307f93580005d96b8d
Sha1:   0f17675bc02b8ffa20a5e907ed81e0f2fab512df
Sha256: 5860e223fbd1c23a866f9d1015ad1f5a8632b8f80fd3ec734cdb646a495114b2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6463
Cache-Control: max-age=87674
Date: Wed, 23 Nov 2022 11:57:44 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:18:58 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4512
Expires: Wed, 23 Nov 2022 13:12:56 GMT
Date: Wed, 23 Nov 2022 11:57:44 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: wuiY7WntCb+MQCFBwQCVU1kyr4OYdDaIC8Rb2ef3qTTF6J4wOphsyhYZ50L8cNuRZNa1n5kI1aU=
x-amz-request-id: TDKX1J458MZQ4FBH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 11:42:58 GMT
age: 887
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 11:17:07 GMT
cache-control: public,max-age=3600
age: 2438
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:45 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 11:11:11 GMT
cache-control: public,max-age=3600
age: 2794
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6158
Cache-Control: max-age=168706
Date: Wed, 23 Nov 2022 11:57:45 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:49:31 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hUFwiE7+x5+Wl8yFOTQytw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.167.231.108
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CO/DBQaXXlSW2GSm2pPAdxitacA=

                                        
                                            GET /myaff2icu/pw_ix.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 31191
last-modified: Mon, 25 Apr 2022 03:27:17 GMT
etag: "79d7-5dd72273dd571"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 501 x 501, 8-bit colormap, non-interlaced\012- data
Size:   31191
Md5:    5fc015b94e8c0ea18422670e93b141ce
Sha1:   b578ad18a8ba581e6bb26598bc081496aaf24175
Sha256: cb6830f49373a35ef541e1fc3de08e4fb1a99c2c7ada98025909669b30d4b8c4
                                        
                                            GET /myaff2icu/ixo.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 14197
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "3775-5dd7226e5f152"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 165 x 331, 8-bit colormap, non-interlaced\012- data
Size:   14197
Md5:    227549843293c6fa24a792b54248ef39
Sha1:   366312180e142c472c250d53334bec00a2634f79
Sha256: e79afff7ed20dae4001cd848396b37203f740cb03097d98a94d28e2874e743a8
                                        
                                            GET /myaff2icu/ix-s.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 10582
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "2956-5dd7226e4a932"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 236, 8-bit colormap, non-interlaced\012- data
Size:   10582
Md5:    77ce5723bbb951ae5b26478839f9f57e
Sha1:   a8748fea07c30d85a69ebfac68fb94746c063578
Sha256: f13ca6df822b46229be1c93a01180de802cc7391e98e6b349e04d41bf947a4a0
                                        
                                            GET /myaff2icu/ix-g.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 10749
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "29fd-5dd7226e39f91"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 236, 8-bit colormap, non-interlaced\012- data
Size:   10749
Md5:    2c1edeb88c3c4e0f13ef4dd7809e9e61
Sha1:   99c3273103fc958c99ee9da9900ea78ea1fc517d
Sha256: fc97772893ff2815057089661f7cb0755dd0b1e96af7b40a9ccc644dc88dd3e2
                                        
                                            GET /myaff2icu/like_user_1.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1293
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "50d-5dd7226eb8ed4"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1293
Md5:    2aa0d43e70d60d76ac4bdff139f8c7cb
Sha1:   d7e3433297ad90f5d99249aee29b645265c9f3eb
Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /myaff2icu/like_user_2.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1216
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "4c0-5dd7226eca814"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1216
Md5:    f9299c2023539a8f27a6e1b12ed260e5
Sha1:   046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

Alerts:
  urlquery:
    - Scam / Brand infringement
                                        
                                            GET /myaff2icu/my11.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1017
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "3f9-5dd7226f38db7"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1017
Md5:    ea5a480ce9f5175b1305da649659f3e2
Sha1:   a86b6693a567918d7c7f5b69ea09bc3b54ec8b08
Sha256: 657f339c517ce2e89a0355eb327a5532eec6b10a81fd1047c5a6b59c418f42d0
                                        
                                            GET /myaff2icu/my12.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1358
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "54e-5dd7226f49757"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1358
Md5:    e9e838da5f1f374be3b7b620917a7f57
Sha1:   d0157bfc45aa1e2f291f7d9b12bff3000b86a112
Sha256: 9c5f1c0fafd56a61ce4bbfde6b287e2fb564718c46dbd825b243060cf4554cbc
                                        
                                            GET /myaff2icu/my13.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1241
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "4d9-5dd7226f5c038"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1241
Md5:    57a0ced58ec3b95e82a5969855badac2
Sha1:   f180e3047a27ca9bec7b846ce96b273ac176f6b4
Sha256: c8b5d9b1f95245213a1f0553ccae1140bf3b9b92ae2d6fffddfca138a1d0f8b4
                                        
                                            GET /myaff2icu/my14.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1559
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "617-5dd7226f6d978"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1559
Md5:    7c7142d86dc211731e3c15572ea85536
Sha1:   26b6f5a9011df0a33eebdb46e6ee49600aad2190
Sha256: fb8f60166e74367aea6c8205674026cb92ec1744ea1c35f3acdefc6baf8439ca
                                        
                                            GET /myaff2icu/my16.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1042
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "412-5dd7226f80258"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1042
Md5:    09e160b7e8738af97bdb5eeffad18d72
Sha1:   ced1302eb83edd6cd4fa5485198060d8a8a9abe6
Sha256: 934c8f2afaa9559ea4ec3da4e070be3bf8e894f6deb8e20413bd8ccd21b8fd03
                                        
                                            GET /myaff2icu/clip_footer_3.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 2445
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "98d-5dd7226cd874a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Size:   2445
Md5:    0650d2120ba512d13badb739eb3bcb2f
Sha1:   ca501dbce36ab62896b57c043b7690bfc1b7f0c3
Sha256: 292ce5b88f14029a90f59f9ac004b7aeeb353b43637870ff4b19ddd0228ab4c4
                                        
                                            GET /myaff2icu/my17.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1101
last-modified: Mon, 25 Apr 2022 03:27:13 GMT
etag: "44d-5dd7226f90bf9"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1101
Md5:    f8d880b363c37e2c67f0ef180818a4e7
Sha1:   0eba8f1c533a4446dd2bb3736ef8e880ddfb7843
Sha256: b2211d80393499fd96a561cbc3695f1a1d7fb40ce0c7173ff6e7ea935ce86795
                                        
                                            GET /myaff2icu/footer_right.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 4913
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "1331-5dd7226d1dcab"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data
Size:   4913
Md5:    0be1d52e6c9ea63928452dda6f1ea1b9
Sha1:   9686e91f67342fe625445612c6a68a7f05518331
Sha256: 2c998982251038bfd244986e4ea22da2dbb1d3308775c775b7943d10385de59d
                                        
                                            GET /myaff2icu/menu_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 156
last-modified: Mon, 25 Apr 2022 03:27:12 GMT
etag: "9c-5dd7226f264d6"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 36, 4-bit colormap, non-interlaced\012- data
Size:   156
Md5:    e25a5701095b0a1a4c35e5406960bda8
Sha1:   a9fc28153d26c5e8c74b5328a5c1d78fdfb2e031
Sha256: 61958be1ad915c79ddd505bd5097d482b91f929f61771a94063f69ade75f864f
                                        
                                            GET /myaff2icu/clean.css HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
vary: Accept-Encoding
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: W/"2b87-5dd7226cd77aa"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11143), with no line terminators
Size:   2995
Md5:    186d6e89f981c0dca5b259554360ac40
Sha1:   98f4fa0461ff4ed319f340faee90033591795811
Sha256: f0bd9d56926133ea0223b574701ded6d1250146fdcb247028fbe1bfcc2ae0468
                                        
                                            GET /myaff2icu/spin_prize2.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 2902
last-modified: Mon, 25 Apr 2022 03:27:19 GMT
etag: "b56-5dd722756dbb9"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Size:   2902
Md5:    dc05391b4ed8b59f3cf2400ff3996f45
Sha1:   3996c073d670e035b391b778407287db9cda3c87
Sha256: 31a273951472fd3d9882b4e0464b1815078065127ef8eed782493a97cadd56a0
                                        
                                            GET /myaff2icu/action_icons_20px_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 1688
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "698-5dd7226c8c488"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size:   1688
Md5:    887a1513d01bb098928ae132c0dfc902
Sha1:   fba2c4a40dfe89ea83e088ae0577949af6765927
Sha256: ffa135c7ccdaf4dbd34ca273a467c2549f9c9e3a809eb3c87af93509fb84527e
                                        
                                            GET /myaff2icu/comment_action_2x.png HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://44.winprizes544.digital/myaff2icu/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
content-length: 637
last-modified: Mon, 25 Apr 2022 03:27:10 GMT
etag: "27d-5dd7226cfaa2a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Size:   637
Md5:    4012bda46485e716c4341cef9c214c17
Sha1:   0a021ad69b618cc6baf618a305ba37f2b40a4da7
Sha256: 8f7e6c0300920a8d8847859adc639417386f837bc0a458436768d4207dc259cc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3157
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 11:57:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3157
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 11:57:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3157
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 11:57:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6475
x-amzn-requestid: b3f37508-ce80-4bfd-8f40-d98c1ee57f7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQlaF-9IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e22-42b6d99c69142d1e37161d69;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:02:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PZE1jHafMw2Qp-hgWemayemh8jLD57th6a2hD55aLhj4KSyjR-rvmQ==
via: 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:53 GMT
age: 16914
etag: "d359314799f8873b35580dd5f8c64b75dfa4ffe3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6475
Md5:    050f43f830803646a2ece48e01ac8d24
Sha1:   d359314799f8873b35580dd5f8c64b75dfa4ffe3
Sha256: d4ad8c9e5e1fe428c55c02e567aba32664055f8a881ee6aff8438c3a09124f3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11793
x-amzn-requestid: 7edbd95e-83c8-4162-886f-b0bf88deee5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oFrQIAMFnYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-4f1317ec61500d713816830d;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WYzBlSLCZWYEtLVSlKROHJMgK7WYhBNym1oizSWYlwg5oBatM9eRYQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:54:39 GMT
age: 46988
etag: "97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11793
Md5:    8b591bcc9d645eed0ea6ebc5dae07d31
Sha1:   97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb
Sha256: 82dde9a4d139bdfae1d8859f4d7a77f92182c65ad630e25d0cc52f346dd1dfad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 05:01:14 GMT
age: 24993
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8365
x-amzn-requestid: e6c2ec6e-525e-4b9f-a45d-63076580df5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrpFJ3oAMF4mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee4a-576f678b6e364bca09532010;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RjuSNwOFpk7_LY-bp-R4iKsz33D4T5Are-BNb2ftPT-N_g0W2PDeuQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:44:55 GMT
age: 51172
etag: "c18884ce9370c97e6b4e12ab0f827d68a1938bfa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8365
Md5:    03830e3ff377979c234bf37561c54cfd
Sha1:   c18884ce9370c97e6b4e12ab0f827d68a1938bfa
Sha256: 5ba8bfc69c7eba42de4a16bf6d1e1e3570cd3918fe15cb8b2d25950ef791ddbb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 49479
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5914
Md5:    c6380f73d47906bd63b9c48137e4df61
Sha1:   94e053461d2db89e9d08321f26a2555ebcd7e0b9
Sha256: 84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gtzOoH3--VR9BQTHvU5vInc6yhBcK0-O1oBbVJpAhpRRqqKY8vAf_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:48 GMT
age: 51119
etag: "663cace8681891ad55943dd0273493aa9474d102"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9766
Md5:    3e8d7af3a5d030774447a0f71c7824f0
Sha1:   663cace8681891ad55943dd0273493aa9474d102
Sha256: 22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /myaff2icu/my15.jpg HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         45.76.148.82
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:46 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /myaff2icu/index.php HTTP/1.1 
Host: 44.winprizes544.digital
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         45.76.148.82
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Wed, 23 Nov 2022 11:57:45 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---