dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
301 Moved Permanently 0 B URL HTTP/1.1 dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 04:27:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 24 Oct 2022 05:27:36 GMT
Location: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bgf4SJQ0NNZ6cq6dTwkvswfIatp3kM%2BKQMXlMhCarf3iHAs5pfIueXzXPWjZrVnk%2FwT7x6xWqzkH82YKU%2BTfPxVlvac5xlgetnGsm5Wa%2BBMQC%2BU8JqGfaZAM3pCbuKw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75eff5ff791bb524-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 03:52:56 GMT
Expires: Mon, 24 Oct 2022 04:22:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Md4uoI2--kDoRQ34_zsrCTQ6YO2L8zbEHxMX19T0sgqtleIhKgpP6Q==
Age: 2080
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2337
Expires: Mon, 24 Oct 2022 05:06:33 GMT
Date: Mon, 24 Oct 2022 04:27:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2384
Expires: Mon, 24 Oct 2022 05:07:20 GMT
Date: Mon, 24 Oct 2022 04:27:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: muJeyCk8v7QYpXtVhgY0cSYUGNOVUld44NveymruTMCIpdYlqmig12fbzgDVJcs5UA+vOOzOnMM=
x-amz-request-id: 0J70GMVB4VJPPCEY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 03:38:14 GMT
age: 2962
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/RN2N1XhtK3I
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/RN2N1XhtK3I
IP
Hash 6c175b2afc155f048b404238a5ee628b
2416cc1d7d1645e8b1dbf3133fc61ceca5e464aa
5d01ca4d7d5d51a2ff07fa3bc11a57907ad1fa9c09c0ea41a51f89a998e81d37
POST /s/gts1p5/RN2N1XhtK3I HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:27:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/RN2N1XhtK3I
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/RN2N1XhtK3I
IP
Hash 6c175b2afc155f048b404238a5ee628b
2416cc1d7d1645e8b1dbf3133fc61ceca5e464aa
5d01ca4d7d5d51a2ff07fa3bc11a57907ad1fa9c09c0ea41a51f89a998e81d37
POST /s/gts1p5/RN2N1XhtK3I HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:27:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dailyrew.xyz/RM/Rom5/rm-mg/r1.png
200 OK 1.7 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/r1.png
IP
File type PNG image data, 119 x 85, 8-bit colormap, non-interlaced\012- data
Hash 45958b963a7b0c58ad7444d77e20c748
60e2fe5c32eca48cb489f97d90acc8faf9a8b6fe
1b90f30b41aa99fa5409153c57146d6a46ff5c156879fced67a98e2ec1fa67aa
GET /RM/Rom5/rm-mg/r1.png HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/png
content-length: 1672
last-modified: Mon, 17 Oct 2022 13:45:41 GMT
etag: "634d5c85-688"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N24rg6zknBaQki%2F33TNX3VgKZVQFOcH8iXUBj0e9HiRLbgXNXMF8s6qUPL25qipGMgv2761S14gg%2FFMirU1Sj3Vr42eoh5RhI0nYa%2BgMS2wSoDKl%2FwfibOEIX5gSIjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6036fbdb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rm-mg/rm.jpeg
200 OK 8.4 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/rm.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x93, components 3\012- data
Hash 37ba5bccd7289f5b87dd0a9b6c42c4a0
f2bb99511f5912927f98120abfc2038adc65ab47
d75694684509ad1c14385cfc3c9c30929769da72390ac2e67d06bdc8e19731d9
Analyzer Verdict Alert fortinet Phishing
GET /RM/Rom5/rm-mg/rm.jpeg HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/jpeg
content-length: 8383
last-modified: Mon, 17 Oct 2022 13:45:42 GMT
etag: "634d5c86-20bf"
expires: Wed, 16 Nov 2022 17:09:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 559074
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3clk4Ul3x0ZnXwK3%2BkRyJ%2Fc5%2F9gO5Opy1iM46yUGm2Zwh9iQhJ4bp01PLdwm6j9wwBD4HiXRyTKMUqO3fWa97Wrye7%2F9eY3Y%2Fw6YjH4%2FSX3yx1lFLJa5wxoWTDLsves%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6036fbfb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rm-mg/rm1.png
200 OK 62 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/rm1.png
IP
File type PNG image data, 400 x 331, 8-bit/color RGBA, non-interlaced\012- data
Hash ed341035fe8de9b8dedd8262058ccbfc
0f39b70462925fa767d01d734e89292b76aeb496
5c54c63d811212b0880ce2431b981eb804ceae3d81552ca18b778e8c1fe917e3
GET /RM/Rom5/rm-mg/rm1.png HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/png
content-length: 62326
last-modified: Mon, 17 Oct 2022 13:45:43 GMT
etag: "634d5c87-f376"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2wzy%2FFlgYXkBV%2B2BM9WgTR8%2BmEMpS83aNEmV%2FyxogDpTSgl6tCzlrhrmFqt5PNDAzkDvGq2Bv9JQf9vqgQzcGxtya9Giqexohr3s9kDSpVPP49MZQ%2BorZU1EJGDGdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6036fc2b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rm-mg/rm2.png
200 OK 4.0 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/rm2.png
IP
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c420ffc936b3445640d26324b252976
fd620c4b7e19bbccb4ee707f238e57e46d75f7d2
5f802b3e7e9294978951b0c546d38c1bc26d2de92068c413d0637c320197a885
GET /RM/Rom5/rm-mg/rm2.png HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/png
content-length: 4006
last-modified: Mon, 17 Oct 2022 13:45:43 GMT
etag: "634d5c87-fa6"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmyplfkThSxgnCyE189p2L4ouy44cg5SbnP0ar6Uq3s73uJ9nby3Zpyh0bJ%2FBJm0mXKDm9LaxbB7GBEaGB8JWaTwl28fnwAC7AZPuxHElIkgAAG8sK%2FJAi4c%2BDXvKj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6036fc3b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rm-mg/rmm.jpg
200 OK 36 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/rmm.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=397, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=987], baseline, precision 8, 370x149, components 3\012- data
Hash 896df57c01033eb025cee1c3aaeb40b4
f36442625af062d404c6851f8b365045d1375880
0034262f967d36a6f42330683868a7335b46a83135f4e490cf21a5a021a635a7
GET /RM/Rom5/rm-mg/rmm.jpg HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/jpeg
content-length: 35476
last-modified: Mon, 17 Oct 2022 13:45:45 GMT
etag: "634d5c89-8a94"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9Msi6Mlxp5dTViSS%2B55BUn%2BfOKTmLs0gm0Barfw4OQmnZ31vI3UeGaLWipM6HcuLquSxDteA0ah7RemQQ9xdvRhsbQcoQ7c5m9A1cjoZZSoZKLyGOQZB8fJfA7GpUg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6037fc6b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rm-mg/rm.gif
200 OK 122 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/rm.gif
IP
File type GIF image data, version 89a, 246 x 246\012- data
Size 122 kB (121587 bytes)
Hash 1f32223b3bcbe23d6efe15d914206440
1faa0c1e65002ca3880cb764be63abef5a3efac5
c0f27622e1c77dfe225b6e2637211c61861471c39e585461a5dc55017950e92a
GET /RM/Rom5/rm-mg/rm.gif HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/gif
content-length: 121587
last-modified: Mon, 17 Oct 2022 13:45:44 GMT
etag: "634d5c88-1daf3"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MwtKWUzVehiT%2F6ukjIhBZ5GCF%2FtkwiO3cTncBkiDLlJccp%2FoVgeEKw5IsY0db1dQlig1fIcipAAwNkasw%2BHjXvp5n5i2TWYYElGhrVzGuOG7ekF2ODbPkWKRGVKVbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6037fc5b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rm-mg/rm3.jpg
200 OK 1.7 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/rm-mg/rm3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 7f270db78252137de9179308d6cf66d8
9173b4cff5eafec57c4c8f0cebcc53a147031608
44dd4015c5a43c37071433be5261f970199950e37c6bc89b13ada1f9de26f57c
GET /RM/Rom5/rm-mg/rm3.jpg HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: image/jpeg
content-length: 1681
last-modified: Mon, 17 Oct 2022 13:45:43 GMT
etag: "634d5c87-691"
expires: Wed, 16 Nov 2022 17:09:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 559074
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4asvJKYCNggVbJ5hNyM3D8rkGMIp5IgihIQIMno%2FQd%2F4589CMriE0JNh2PzYy7djS3paBcoPrEHnI4xibifNoYN0UhTS8rPrNgcbKuCo4UKuVnImZf1d5rI3dn3ot8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6037fc8b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
200 OK 36 kB URL HTTP/2 dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304), with CRLF line terminators
Hash f5d43fbf4317ddf34c16a481d41cb7cb
90fa6a50a9cf02bc7eaa796a80d65b4ba55d6a0b
d4ab3e66ab0c3da2c8940c25a01a59da60ed6ce36379ad73ec22a30732ae8b76
GET /RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: text/html
last-modified: Mon, 17 Oct 2022 13:45:33 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoqdyfOU1X%2FFeBwIMvjCwzxs4w6VH4oNInYcyER7B3U%2Bbg4z9jHJYT7Bnro2Xor7yDXVlIKaETxx9HPxPXmYRdBgZbQ14MLrcKdnWcJ1F3SlXRq6ncufxq36jmr7WR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75eff601ce5eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 03:33:32 GMT
Expires: Mon, 24 Oct 2022 03:52:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6Vd30YL5GoylKWZfi6HG6Qzrezib7nVen-rxR4qg1Om_B-b_9RYjmg==
Age: 3245
ocsp.digicert.com/
200 OK 471 B IP
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 967
Cache-Control: max-age=100513
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 04:27:37 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 08:22:50 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XfL1P7y5NCxRPpSdFsQY/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hp03pmIw7kNHa8yyeIZgv0F84Oo=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:27:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:27:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:27:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:27:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Mon, 24 Oct 2022 05:19:40 GMT
Date: Mon, 24 Oct 2022 04:27:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75bf2c3-b1dc-465c-ba9a-30b41f6f5cac.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75bf2c3-b1dc-465c-ba9a-30b41f6f5cac.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9b1a13676d3fac304595806959135a2
9c16b23d37594b041cf8678399e6eaeb690346a9
7bc8f67670709caae6b39435fdaa3e5c71b9b30db76c006cc2c841300291a246
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75bf2c3-b1dc-465c-ba9a-30b41f6f5cac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9568
x-amzn-requestid: 0a162a3c-1723-4926-8651-7d22ecade080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelN4EVKoAMFWnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58b-10dae6262d730d1f12c50a20;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e6PyqYG1xwBqFI9Xgbwto7aYrv_0Mu4OKyRfuLUFWberMEF00Qo5QA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:46:36 GMT
age: 24063
etag: "9c16b23d37594b041cf8678399e6eaeb690346a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83541a1138889c5e692e7021c073f990
b42a826513836e4bad11289a5ccec0966d0c6d11
7467154701943711c92a10449baf4f7eac42b31046f17778667db5ba673dd67f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9acbb6c9-f155-44fe-887b-d36b421dfa63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11434
x-amzn-requestid: 0970e5a1-a1dd-4685-b2a2-b748327b5e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOOEwHoAMFWzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58e-30834eff039ef76267bf3459;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IGk98fgPhfTOLjKNa2rJJICeulHimmnIuJOSY9jJ31Lb6EXLozwT1A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:01:50 GMT
age: 23149
etag: "b42a826513836e4bad11289a5ccec0966d0c6d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 28s2Fwd7CYJpmy57dsIok6owygvyqng_WwlfbKApRjznSlULtnSJqw==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:56:12 GMT
age: 23487
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ae7697-e0dd-4241-8fa3-421d0afa30b2.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ae7697-e0dd-4241-8fa3-421d0afa30b2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 836493e741614372048950791620e0f6
5f76016783f0207ff08326e93caf3979cd0b7ff8
5c5e19373abd4425c1c7d8ff79d8d6988a0d92e26b815b7d3f4c13206279848c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ae7697-e0dd-4241-8fa3-421d0afa30b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7277
x-amzn-requestid: da7decff-e670-46b4-9526-db7350e04ce5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0GLPIAMFSJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-567abeb223dcf89d50bb1be9;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jWtC6PwkiVADGDvqAFtDXunBJTM2j-lNBPd-1M0luU9f1vDMACs6Yw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:59:56 GMT
age: 23263
etag: "5f76016783f0207ff08326e93caf3979cd0b7ff8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9983bdfe8dbe8386970aae586bb57575
4c5ff521fec700a1cda73325eebbeb88f97baa39
775d510a8d82ed993085e3d828c33b75eee99db2911b90d6151faf5c2e25b5d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee5168c9-3f97-43d9-a9b4-3b0f415b3bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: 8d639b03-49d2-411b-b0ca-39c5dafe21f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelOtF6YIAMF-4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b591-230070a06848d4d90ea4f6ef;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mYzFAcyUErnaOlGBX0ygFYZ4608EanLq5V4xzX7qCHQRGzkKwwWvHw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 22:14:18 GMT
age: 22401
etag: "4c5ff521fec700a1cda73325eebbeb88f97baa39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f174281da48e4a62aab93bcdc57d14a
8ee29d073b84530a30bb370838598115f1a65da8
0096edb7703f0bcea7e5c0d5b529482eceea9123f5f3b278f3f9012f87875f1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F869ea046-6a24-4b66-a52f-bc9a678d7ebb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8400
x-amzn-requestid: b1436934-5b97-4aa8-937a-78bce0b9181c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelN4GACoAMFYmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b58b-29da495d75578b3c20eb37ba;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:43:39 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EmusO-_70hMOdHGlmVAeiZI8nFPDJuJEsxtzTB4-j_8NDsIqwPVk_Q==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 21:54:06 GMT
age: 23613
etag: "8ee29d073b84530a30bb370838598115f1a65da8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oungimuk.net/pfe/current/micro.tag.min.js?z=5405800&sw=/sw-check-permissions-a550d.js
200 OK 0 B URL HTTP/2 oungimuk.net/pfe/current/micro.tag.min.js?z=5405800&sw=/sw-check-permissions-a550d.js
IP
GET /pfe/current/micro.tag.min.js?z=5405800&sw=/sw-check-permissions-a550d.js HTTP/1.1
Host: oungimuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 04:27:37 GMT
content-type: application/javascript
last-modified: Thu, 20 Oct 2022 16:39:30 GMT
etag: W/"635179c2-126ff"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rmcss/rm.css
200 OK 0 B URL HTTP/2 dailyrew.xyz/RM/Rom5/rmcss/rm.css
IP
GET /RM/Rom5/rmcss/rm.css HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 13:45:36 GMT
etag: W/"634d5c80-2b00"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ic8H4TGEHKpyMRXLUaJ9IlbBtbwCrhrVbvzIAp4uZj%2BSeSrO4M0DDZArGUgC18Wjdh%2FQt0XPS9ku66gDowkvXEYgjzfAXPrQ2O2wc5ZNUP7EuQoaowN2rD4QqfSfyEc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6035fb7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rmcss/bootstrap.min.css
200 OK 0 B URL HTTP/2 dailyrew.xyz/RM/Rom5/rmcss/bootstrap.min.css
IP
GET /RM/Rom5/rmcss/bootstrap.min.css HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 13:45:38 GMT
etag: W/"634d5c82-2606e"
expires: Sun, 20 Nov 2022 03:09:13 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 263903
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7FPZx9%2BqxhiFhKQ0uYBaehaUT4we2gGBFTqAv%2FvIGRU%2FCwUauuUzAYIyei8y7DmvjzA%2B%2BNh3P2VWcAHBI%2Fb8Ba1C6kYR8WVmr0igkTmfRItg3IKnn9HQ0b9GAIXTq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6035fb5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dailyrew.xyz/RM/Rom5/rmjs/bootstrap.bundle.min.js
200 OK 0 B URL HTTP/2 dailyrew.xyz/RM/Rom5/rmjs/bootstrap.bundle.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /RM/Rom5/rmjs/bootstrap.bundle.min.js HTTP/1.1
Host: dailyrew.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dailyrew.xyz/RM/Rom5/?devicemodel=&browser=Edge%20(Chromium)%20for%20Windows&ip=2600:1900:2001:2::24&bemobdata=c=2e8a0f04-effe-458c-8179-60485c87d671..l=2b5dcf77-5b9b-4dbe-8cf9-708575a77256..a=0..b=0..r=cn47e.bemobtrk.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Oct 2022 04:27:36 GMT
content-type: application/javascript
last-modified: Mon, 17 Oct 2022 13:45:39 GMT
etag: W/"634d5c83-1332b"
expires: Wed, 16 Nov 2022 17:09:42 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 559074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tB2t3Mh9PjaeV3pYho42nGVt6K5r3pbcSO1PnI%2Fn00h4GjCj%2B5at5HUkmydjflkrgzPbLu0lECbki1jeCYbt1Z78LhGaDxrxeHvuZ%2F9GfX56y8ASQPTou2vjiDO9%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75eff6036fbbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.74.131
34.160.144.191
23.36.76.226
93.184.220.29
104.21.74.131