firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 03:52:56 GMT
Expires: Mon, 24 Oct 2022 04:22:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: luBEr4nNVbwcScZ059L-Hmmgx8m-vUCDlRL9f85dq2gzqyfwj3-UcQ==
Age: 1957
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2460
Expires: Mon, 24 Oct 2022 05:06:33 GMT
Date: Mon, 24 Oct 2022 04:25:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2507
Expires: Mon, 24 Oct 2022 05:07:20 GMT
Date: Mon, 24 Oct 2022 04:25:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IHKr9Jl8S2rdQPxsw/kBLjv/Cz0T2rAyATWfi8gzviMjkc4FtqjYVok46W34Y4fCiRVE1uJlwdE=
x-amz-request-id: J706SEYQYPTHS5EQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 04:08:22 GMT
age: 1031
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 03:33:32 GMT
Expires: Mon, 24 Oct 2022 03:52:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iaLpWKE4z5HsulSqSf-ixC6-gsFC6ViR8RAH6BKJiWQyOcUNoL_STA==
Age: 3121
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3426
Cache-Control: max-age=103095
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:25:34 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:03:49 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
42.winprizes542.digital/th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a
45.76.148.82301 Moved Permanently 1.0 kB URL HTTP/1.1 42.winprizes542.digital/th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a
IP 45.76.148.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (673)
Hash 82e657191d1c05a255e3a3795f0b8c3d
beea693c215306f20d7300880268763c32447e25
d928964ee4896e7ae263da56680e88957e6d64ad156cb0c008c96d4609da579f
GET /th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 24 Oct 2022 04:25:34 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 1006
Connection: keep-alive
Location: https://42.winprizes542.digital/th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q8hrv2+Lx6L4YYHkr1eXxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Wf+vGLoO3Dq4+6+FjxjBo6CdhdM=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:25:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:25:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:25:35 GMT
Connection: keep-alive
push.winprizes542.digital/js/pub.min.js
67.212.173.74200 OK 1.5 kB URL HTTP/2 push.winprizes542.digital/js/pub.min.js
IP 67.212.173.74:0
File type ASCII text, with very long lines (2752)
Hash 31c303586c1b78e33984bd252b8e2644
8083e2aad4cbf8242a4e6fb53657d49552b85f82
d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /js/pub.min.js HTTP/1.1
Host: push.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Tue, 25 Oct 2022 04:25:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c16ee3c480c8ee5b51b7dd88375649ae
885e2070d3ea7973fd978e1e9c247ce248afdbbb
4086d5476b9f3b6c06535fc588784c19a52008178cbdeccbff4c98497bd8e428
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7361cd7-8ea8-4a4b-8e5a-6e3ef375eb7e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: 5bbcd9f1-fa0a-4591-a38c-b472e2ef148f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelC7EZ4oAMFmvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b545-754aa64e1249811f2c019641;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkk3lDqVtpedvxCxGrNyJVjGIW6-VJqpMgBxHjaRatILglKJ96Tfvg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 23939
etag: "885e2070d3ea7973fd978e1e9c247ce248afdbbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:14:18 GMT
age: 22277
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83541a1138889c5e692e7021c073f990
b42a826513836e4bad11289a5ccec0966d0c6d11
7467154701943711c92a10449baf4f7eac42b31046f17778667db5ba673dd67f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11434
x-amzn-requestid: 0970e5a1-a1dd-4685-b2a2-b748327b5e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOOEwHoAMFWzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58e-30834eff039ef76267bf3459;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IGk98fgPhfTOLjKNa2rJJICeulHimmnIuJOSY9jJ31Lb6EXLozwT1A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:01:50 GMT
age: 23025
etag: "b42a826513836e4bad11289a5ccec0966d0c6d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cd3b0c2f628a973659cdb368dfc64cf
c5097681a4dcff980dc788191356e7e7c21ef3b1
03374811ad045fafd0d6898ef3b1beea094b785e8144f570e2d7e9912773c2a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 9027dbc2-08da-449f-9a40-59c58169fa28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDlG5XIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b549-4dd10f5c123194ff6ce4070f;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8wGo-DXHbBkHTL0pga_Er5trO69wmUsUc7oOSz4zJ8yskzOVjF98Zg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:59:31 GMT
age: 23164
etag: "c5097681a4dcff980dc788191356e7e7c21ef3b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72d843f94f06a00091ded227a40f24f7
7becba083c646f4715513e07d297ebc56f9d22ab
407d2ea28f44456af3f0f7b7f594703b08d15a5d682756bcad17de85dce65cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa538fb-7cd1-41f1-aacd-b9ff42991b8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8361
x-amzn-requestid: 23942897-d28e-4661-b941-1c8eb5ae9735
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelO4E4BIAMFcpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b592-4df057fb403df49841961951;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:46 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ybm5nbcEOMZT4vaC5dx7ji-VXg11O3AUZFfE42y418bv-QU0ntK_MQ==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 23939
etag: "7becba083c646f4715513e07d297ebc56f9d22ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ad00d9f89cc4d7f29fd53f89b4545f3
c4dbc6b4b8b9cf4f8868ddc060ee731cf43153d7
6d8e82f5aced08627c83945bc8f011bbaea66789427624baaef5104858472ea2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456d7d5b-fd41-4fa5-8e9e-d89e82b0dc48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 5085f7ea-72de-43e0-a670-d221fc6af736
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelBzHcPIAMFpqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1c4bfd5c56b0af173eb43001;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pCvtOb9B5beB4xJFbTvDQxO37bcXmPVCAwUOw7hOZLHTe_W-ii4T6Q==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:35:31 GMT
etag: "c4dbc6b4b8b9cf4f8868ddc060ee731cf43153d7"
content-type: image/jpeg
age: 21004
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/clean.css
45.76.148.82200 OK 2.8 kB URL HTTP/2 42.winprizes542.digital/th1paff/clean.css
IP 45.76.148.82:0
File type ASCII text, with very long lines (11143), with no line terminators
Hash bc19283ed3e114f7dfb9892354ee9f11
df1caf51538517c5d65bb3953ebc4e70195b750a
9bc49428dee2a10afb1f17a2b3c3915ec1c7209a2bc44934e65f7450d8e8c43b
GET /th1paff/clean.css HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 25 Apr 2022 03:21:06 GMT
etag: W/"2b87-5dd721117c2a9"
content-encoding: br
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/notify_2x.png
45.76.148.82200 OK 229 B URL HTTP/2 42.winprizes542.digital/th1paff/notify_2x.png
IP 45.76.148.82:0
File type PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data
Hash 988234626ae7a880ed9c6a92f6336c0f
173967c2b59baed4a06997d874aba32ab65da201
4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/notify_2x.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42.winprizes542.digital/th1paff/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 229
last-modified: Mon, 25 Apr 2022 03:21:08 GMT
etag: "e5-5dd7211403a16"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/i11black.png
45.76.148.82200 OK 241 kB URL HTTP/2 42.winprizes542.digital/th1paff/i11black.png
IP 45.76.148.82:0
File type PNG image data, 828 x 828, 8-bit/color RGBA, non-interlaced\012- data
Size 241 kB (241130 bytes)
Hash 13d47dc9e6696f67342dd750753a4f9c
0939480dc263b6d311ec872929e6e0cdfbbabc93
a6d1f1fa19e933c9da1306cbda5e0528ea1f73d0d9afecdfc1566fe9d7e682b8
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/i11black.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 241130
last-modified: Mon, 25 Apr 2022 03:21:08 GMT
etag: "3adea-5dd721137ed13"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/default.png
45.76.148.82200 OK 95 kB URL HTTP/2 42.winprizes542.digital/th1paff/default.png
IP 45.76.148.82:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 8adac2b1f6fec2ad7a323668d7fcd96a
5b875ce4cc5fa5576fdcf13385c0c5b53631e691
1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/default.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 94803
last-modified: Mon, 25 Apr 2022 03:21:06 GMT
etag: "17253-5dd72111adf8a"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/like_user_1.jpg
45.76.148.82200 OK 1.3 kB URL HTTP/2 42.winprizes542.digital/th1paff/like_user_1.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 2aa0d43e70d60d76ac4bdff139f8c7cb
d7e3433297ad90f5d99249aee29b645265c9f3eb
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/like_user_1.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 1293
last-modified: Mon, 25 Apr 2022 03:21:08 GMT
etag: "50d-5dd72113bb5d5"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/spin_prize2.png
45.76.148.82200 OK 2.8 kB URL HTTP/2 42.winprizes542.digital/th1paff/spin_prize2.png
IP 45.76.148.82:0
File type PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data
Hash f278c8d30fc51b72e0774b9ecb49214c
03b574db82b31ee5758eb5093fda8ea25d1b00d8
43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/spin_prize2.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42.winprizes542.digital/th1paff/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 2814
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "afe-5dd721150e3bc"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/action_icons_20px_2x.png
45.76.148.82200 OK 1.7 kB URL HTTP/2 42.winprizes542.digital/th1paff/action_icons_20px_2x.png
IP 45.76.148.82:0
File type PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Hash b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /th1paff/action_icons_20px_2x.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42.winprizes542.digital/th1paff/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 1726
last-modified: Mon, 25 Apr 2022 03:21:06 GMT
etag: "6be-5dd72111551a8"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/comment_action_2x.png
45.76.148.82200 OK 641 B URL HTTP/2 42.winprizes542.digital/th1paff/comment_action_2x.png
IP 45.76.148.82:0
File type PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Hash e9b3872b3e63e19728176d45f0aa6986
b638f89d5d80c4cd65327da973c52f778e30bd55
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/comment_action_2x.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://42.winprizes542.digital/th1paff/clean.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 641
last-modified: Mon, 25 Apr 2022 03:21:06 GMT
etag: "281-5dd72111a04c9"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/prizewheel11.png
45.76.148.82200 OK 604 kB URL HTTP/2 42.winprizes542.digital/th1paff/prizewheel11.png
IP 45.76.148.82:0
File type PNG image data, 1002 x 1002, 8-bit/color RGBA, non-interlaced\012- data
Size 604 kB (604427 bytes)
Hash 666bd514461839dc5d796c0c1061c677
a6ac8413ef5375b0d35a85bf167b4b771c1c323b
5d37922d8303b80fdf20e8eabafee70f0d3adcafe56bb285d00190014201e845
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/prizewheel11.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 604427
last-modified: Mon, 25 Apr 2022 03:21:09 GMT
etag: "9390b-5dd721144cdf8"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/like_user_2.jpg
45.76.148.82200 OK 1.2 kB URL HTTP/2 42.winprizes542.digital/th1paff/like_user_2.jpg
IP 45.76.148.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f9299c2023539a8f27a6e1b12ed260e5
046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/like_user_2.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 1216
last-modified: Mon, 25 Apr 2022 03:21:08 GMT
etag: "4c0-5dd72113ca035"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th11.jpg
45.76.148.82200 OK 33 kB URL HTTP/2 42.winprizes542.digital/th1paff/th11.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 512x512, components 3\012- data
Hash ffe51ab982f112629842aba9714b9070
b371e6d6e449245aed93ca0bb9382dbf083b72b9
e3027b9fd073f418da9e7176905e7afd3ac4dcb5e6a527b04067dc77ef17f177
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th11.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 33011
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "80f3-5dd7211541fdd"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th12.jpg
45.76.148.82200 OK 5.3 kB URL HTTP/2 42.winprizes542.digital/th1paff/th12.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 30d34d7628e91a67ef9b6c701751b82d
5a68e5bc09bacac96949950392ede472110b9bfd
179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th12.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 5337
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "14d9-5dd721155585d"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th13.jpg
45.76.148.82200 OK 5.2 kB URL HTTP/2 42.winprizes542.digital/th1paff/th13.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 79428c15f4cb8d4c22f0ae8844e327d7
b34513fac8649885f2e9ce9940b26e9f7f47d8bb
7e257b9661a3c2ef7598ad3b7e10133e9a4c97cbe389f0363bd103b841d43076
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th13.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 5238
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "1476-5dd72115661fd"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th14.jpg
45.76.148.82200 OK 6.0 kB URL HTTP/2 42.winprizes542.digital/th1paff/th14.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 4387f4c0cbae645d5d7442254e7cc560
99b2c3a509f515fc9e53c8b018ba6b47028afbe1
116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th14.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 5988
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "1764-5dd721157aa1e"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th16.jpg
45.76.148.82200 OK 4.1 kB URL HTTP/2 42.winprizes542.digital/th1paff/th16.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 487c9c7e98edf8c07cd5cef5a7c3e48d
a27e943677cc67810eb71f7f889969d2ca52e390
1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th16.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 4130
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "1022-5dd72115a1b1f"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th15.jpg
45.76.148.82200 OK 3.9 kB URL HTTP/2 42.winprizes542.digital/th1paff/th15.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash d8996a573db7acb91022ed0d671a1495
175685d525ff01441445e0c585ddbf9d867de6e4
cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th15.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 3856
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "f10-5dd721158c35e"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/th17.jpg
45.76.148.82200 OK 4.5 kB URL HTTP/2 42.winprizes542.digital/th1paff/th17.jpg
IP 45.76.148.82:0
File type JPEG image data, baseline, precision 8, 128x128, components 3\012- data
Hash 2444132c4b20c85e0c9526f3b35a2524
eb394ff3f1a3e2fadc7a8912e8929e218270e733
dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/th17.jpg HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/jpeg
content-length: 4513
last-modified: Mon, 25 Apr 2022 03:21:10 GMT
etag: "11a1-5dd72115b43ff"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/footer_right.png
45.76.148.82200 OK 4.9 kB URL HTTP/2 42.winprizes542.digital/th1paff/footer_right.png
IP 45.76.148.82:0
File type PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0e786b7344ac0b63609290a3a415fc4f
c2e77827e895aaa13522f1c5c0ef79d4caef0bb2
f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/footer_right.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 4919
last-modified: Mon, 25 Apr 2022 03:21:06 GMT
etag: "1337-5dd72111cb44a"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/clip_footer_3.png
45.76.148.82200 OK 2.5 kB URL HTTP/2 42.winprizes542.digital/th1paff/clip_footer_3.png
IP 45.76.148.82:0
File type PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Hash e1b626392882cc25b4d891afaa68afd4
454d7abdbc2548d04feb95436ea0ab4126b4f00b
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /th1paff/clip_footer_3.png HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:35 GMT
content-type: image/png
content-length: 2460
last-modified: Mon, 25 Apr 2022 03:21:06 GMT
etag: "99c-5dd721117f189"
accept-ranges: bytes
X-Firefox-Spdy: h2
42.winprizes542.digital/favicon.ico
45.76.148.82404 Not Found 0 B URL HTTP/2 42.winprizes542.digital/favicon.ico
IP 45.76.148.82:0
GET /favicon.ico HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 24 Oct 2022 04:25:36 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
42.winprizes542.digital/th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a
45.76.148.82200 OK 0 B URL HTTP/2 42.winprizes542.digital/th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a
IP 45.76.148.82:0
GET /th1paff/thaff22n4.html?city=Celina&model=Pixel%204&brand=Google&isp=Google%20Cloud&browser=Chrome%20Mobile&cep=Iad2nGi_DeJITyLzbCQSOalTxsaDTTj4drlBqqb99MEoU8Qt1fJd7wmqKhXtPx2hCKcgMrEsjNmEElYJkjB8Onaa9hnEeZ4AywCDljUNmnyqB0E7VmmRZDdxva7apOtG2CS3B4McyR0vci0j-PEWl6-nw6gqsn5zSzMn_5wyvyn0V94dD6nHAlNWBA3LVO_ncbUvLZiybtY5yzzFEVPjjQvrRDBRc0Sz4TmNnChsn2xdydMwvMxNjVlu7wd6jU2vxr6R0uWDNNlfyrYuZddoWCZjbYPev7lZwzA5GdyiMhytcidQDDboS7ylrAsCvWHnNNoJ7z2w2qvgtB_UmoCo0SYRbk1ngIa9zWCAGpd8Wq30-g8LkYCym-4YgvYUINhCIbdAxzyKSYiuIe-4rKMUthmOQ0ja_xvTbnPIT6HITQA&lptoken=1663667c5775547e056a HTTP/1.1
Host: 42.winprizes542.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:25:34 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 07 Sep 2022 11:47:46 GMT
etag: W/"424d-5e814e1a3843d"
content-encoding: br
X-Firefox-Spdy: h2