urlquery - report: 60.winprizes660.monster/th1paff/thaffreboot4.html?city=Celina&model=Android%2010.0&brand=Generic&isp=Google%20Cloud&browser=Firefox%20Focus&cep=Sf78vk0-8y6g5rHrs-p0VBUS3_c4olquzhrWKjpbnyeoBYTEbNnkD_9ENoqf2UoRQJcW5UE0_OZSWa0kslobxQuezN-0mgwIjvwheif3vdp5wpNdywu6K9kyM-jUwBQf7JbKaIG5wg0PmeGHqA1QyBnJ5Iv00S75Vkok8_zu_gyOx3DiAGcnjMzG_JFYs2c9j9iyQpbOLqRVImT1dR6aKkdLu_SDswIohngir6gFzJUBq-9hmmdt1krqwjsP0qrkDPbR6QPfRVhCNlGUwEvli3iVE7stonTAW5DU-gusdEPTSVIrvZ75RLTSYWWAT_5xDFAvY1WmskdUzNXPMiwm3WKfaRaKtuBhRBXp3nc_tDgm6mtMsjfGd2yloCq4pY80Ay0i97ryYg7anERDeCB4fpFIVUX2A1Opdn9jKX5azBY&lptoken=16c16922854f51bf91b1

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-11-30 17:19:42 UTC	34.160.144.191
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-30 17:12:31 UTC	34.102.187.140
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-30 17:13:24 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-11-30 17:12:17 UTC	35.161.230.192
push.winprizes660.monster (1)	0	2022-11-23 04:20:24 UTC	2022-11-30 13:48:23 UTC	216.104.36.158	Unknown ranking
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-11-30 17:12:16 UTC	23.36.76.226
60.winprizes660.monster (22)	0	2022-11-13 14:20:28 UTC	2022-11-30 04:16:49 UTC	45.76.148.82	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-11-30 17:26:07 UTC	34.120.237.76
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2022-11-30 20:24:46 UTC	93.184.220.29

Date	UQ / IDS / BL	URL	IP
2023-01-29 21:01:59 +0000	1 - 0 - 3	64.winprizes564.digital/vnwheel/vnwheel.html? (...)	45.76.148.82
2023-01-29 17:56:46 +0000	0 - 1 - 7	30.winprizes630.lol/thpp2/thpp10.html	45.76.148.82
2023-01-29 15:56:01 +0000	1 - 0 - 3	46.winprizes546.digital/vn/vnpro1.html?city=M (...)	45.76.148.82
2023-01-29 14:13:54 +0000	0 - 1 - 6	30.winprizes630.lol/thpp2/thpp10.html?city=Mo (...)	45.76.148.82
2023-01-29 06:04:15 +0000	0 - 0 - 6	66.winprizes666.monster/engaff/phaff2022n4.html	45.76.148.82

Date	UQ / IDS / BL	URL	IP
2023-01-29 21:01:59 +0000	1 - 0 - 3	64.winprizes564.digital/vnwheel/vnwheel.html? (...)	45.76.148.82
2023-01-29 20:43:13 +0000	0 - 0 - 8	207.148.31.232/	207.148.31.232
2023-01-29 20:19:10 +0000	2 - 5 - 4	whatsapp-bokep1.zzux.com/	45.77.248.253
2023-01-29 20:08:07 +0000	0 - 3 - 2	45.32.114.141/xilte/SYtPsYVOaJpNvcqVTOi/	45.32.114.141
2023-01-29 20:07:07 +0000	0 - 3 - 2	45.32.114.141/xilte/Uqm6Eysf3Hkjwh/	45.32.114.141

Date	UQ / IDS / BL	URL	IP
2023-01-29 04:55:50 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-28 23:55:09 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-27 05:44:52 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-26 22:55:21 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-23 00:56:11 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82

Date	UQ / IDS / BL	URL	IP
2023-01-29 04:55:50 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-28 23:55:09 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-28 20:53:00 +0000	1 - 1 - 1	track.rendan-compto.com/dbc5e78a-02c0-40d4-b7 (...)	18.195.128.171
2023-01-27 05:44:52 +0000	1 - 0 - 0	60.winprizes660.monster/th1paff/thaffreboot4. (...)	45.76.148.82
2023-01-25 07:57:37 +0000	1 - 0 - 1	track.rendan-compto.com/6b1c67d2-ce01-4f2d-b5 (...)	18.195.128.171

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6151 Expires: Thu, 01 Dec 2022 01:52:44 GMT Date: Thu, 01 Dec 2022 00:10:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5daf4dc99951793ae2315d4795e8146 Sha1: 4427507ca4d3a5632cc8f598afbc85e2195d00bd Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6778 Expires: Thu, 01 Dec 2022 02:03:11 GMT Date: Thu, 01 Dec 2022 00:10:13 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9fce5679881bf302a8978a0b462f01a9 Sha1: b699fe030ea13ac73813e655c42ed9b531925e2b Sha256: a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5295 Cache-Control: max-age=128961 Date: Thu, 01 Dec 2022 00:10:13 GMT Etag: "638730f7-1d7" Expires: Fri, 02 Dec 2022 11:59:34 GMT Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: f3cf023c797da81728c0ac84c8759331 Sha1: fa07c5e39e4b0741ea484101cccb2202acea9d9c Sha256: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: FSMXc6MWjM88zTDbkgvKJzxcYXCxDXXmQDH22cbyAz7xPF37Xr2GTxBQ168+4YJPzn01RDJPxqE= x-amz-request-id: DMXZ24YEJMAGDAK7 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 30 Nov 2022 23:45:26 GMT age: 1487 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 30 Nov 2022 23:18:04 GMT cache-control: public,max-age=3600 age: 3129 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /th1paff/thaffreboot4.html?city=Celina&model=Android%2010.0&brand=Generic&isp=Google%20Cloud&browser=Firefox%20Focus&cep=Sf78vk0-8y6g5rHrs-p0VBUS3_c4olquzhrWKjpbnyeoBYTEbNnkD_9ENoqf2UoRQJcW5UE0_OZSWa0kslobxQuezN-0mgwIjvwheif3vdp5wpNdywu6K9kyM-jUwBQf7JbKaIG5wg0PmeGHqA1QyBnJ5Iv00S75Vkok8_zu_gyOx3DiAGcnjMzG_JFYs2c9j9iyQpbOLqRVImT1dR6aKkdLu_SDswIohngir6gFzJUBq-9hmmdt1krqwjsP0qrkDPbR6QPfRVhCNlGUwEvli3iVE7stonTAW5DU-gusdEPTSVIrvZ75RLTSYWWAT_5xDFAvY1WmskdUzNXPMiwm3WKfaRaKtuBhRBXp3nc_tDgm6mtMsjfGd2yloCq4pY80Ay0i97ryYg7anERDeCB4fpFIVUX2A1Opdn9jKX5azBY&lptoken=16c16922854f51bf91b1 HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 60.winprizes660.monster/th1paff/thaffreboot4.html?city= (...) FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: cdb8183280919b290f95827a9d99807ef0323f555c00cb78703a0af682fcdb50 45.76.148.82 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Thu, 01 Dec 2022 00:10:13 GMT Content-Length: 1015 Connection: keep-alive Location: https://60.winprizes660.monster/th1paff/thaffreboot4.html?city=Celina&model=Android%2010.0&brand=Generic&isp=Google%20Cloud&browser=Firefox%20Focus&cep=Sf78vk0-8y6g5rHrs-p0VBUS3_c4olquzhrWKjpbnyeoBYTEbNnkD_9ENoqf2UoRQJcW5UE0_OZSWa0kslobxQuezN-0mgwIjvwheif3vdp5wpNdywu6K9kyM-jUwBQf7JbKaIG5wg0PmeGHqA1QyBnJ5Iv00S75Vkok8_zu_gyOx3DiAGcnjMzG_JFYs2c9j9iyQpbOLqRVImT1dR6aKkdLu_SDswIohngir6gFzJUBq-9hmmdt1krqwjsP0qrkDPbR6QPfRVhCNlGUwEvli3iVE7stonTAW5DU-gusdEPTSVIrvZ75RLTSYWWAT_5xDFAvY1WmskdUzNXPMiwm3WKfaRaKtuBhRBXp3nc_tDgm6mtMsjfGd2yloCq4pY80Ay0i97ryYg7anERDeCB4fpFIVUX2A1Opdn9jKX5azBY&lptoken=16c16922854f51bf91b1 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (682) Size: 1015 Md5: 9fe70be6a455af03c3f41919695f834b Sha1: c858df36a4d8c11e622afb27c929a1f67fab83fb Sha256: cdb8183280919b290f95827a9d99807ef0323f555c00cb78703a0af682fcdb50
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 01 Dec 2022 00:10:13 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 30 Nov 2022 23:11:15 GMT cache-control: public,max-age=3600 age: 3539 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5291 Cache-Control: 'max-age=158059' Date: Thu, 01 Dec 2022 00:10:14 GMT Last-Modified: Wed, 30 Nov 2022 22:42:03 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: cfdd00e67ee6ca21712b867eb5288ab6 Sha1: b61d5d6ec3b7ad71619e13e32c87f2d01871b88a Sha256: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: s8OuTVmMLRoFy5yBWfQM7g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.161.230.192 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.161.230.192 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 16li6HEfk+fdezgtt/Dv+RXQ2ic= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/pub.min.js HTTP/1.1 Host: push.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	URL: push.winprizes660.monster/js/pub.min.js FQDN: push.winprizes660.monster IP: 216.104.36.158 HASH: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be 216.104.36.158 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 1482 last-modified: Fri, 09 Sep 2022 11:46:08 GMT vary: Accept-Encoding etag: "631b2780-5ca" content-encoding: gzip expires: Fri, 02 Dec 2022 00:10:15 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2752) Size: 1482 Md5: 31c303586c1b78e33984bd252b8e2644 Sha1: 8083e2aad4cbf8242a4e6fb53657d49552b85f82 Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /th1paff/notify_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/notify_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 229 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "e5-5ee944f71957b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced\012- data Size: 229 Md5: 988234626ae7a880ed9c6a92f6336c0f Sha1: 173967c2b59baed4a06997d874aba32ab65da201 Sha256: 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
GET /th1paff/menu_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/menu_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 124 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "7c-5ee944f71957b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data Size: 124 Md5: 8f68efd9388ccd80b43759b2ed542305 Sha1: 9f2cf96efe3bdec2ab64bc51856619cc02958fe6 Sha256: 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c
GET /th1paff/spin_prize2.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/spin_prize2.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 2814 last-modified: Tue, 29 Nov 2022 04:20:41 GMT etag: "afe-5ee944f9e0485" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 142 x 173, 8-bit colormap, non-interlaced\012- data Size: 2814 Md5: f278c8d30fc51b72e0774b9ecb49214c Sha1: 03b574db82b31ee5758eb5093fda8ea25d1b00d8 Sha256: 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
GET /th1paff/action_icons_20px_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/action_icons_20px_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 1726 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "6be-5ee944f28382a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data Size: 1726 Md5: b699975b5fe73b087e711a33ff24ee1e Sha1: 0e33cc5c32a5e7d18440751e3946076664caaf53 Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /th1paff/comment_action_2x.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://60.winprizes660.monster/th1paff/clean.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/comment_action_2x.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 641 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "281-5ee944f2d972b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data Size: 641 Md5: e9b3872b3e63e19728176d45f0aa6986 Sha1: b638f89d5d80c4cd65327da973c52f778e30bd55 Sha256: a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
GET /th1paff/thaffreboot4.html?city=Celina&model=Android%2010.0&brand=Generic&isp=Google%20Cloud&browser=Firefox%20Focus&cep=Sf78vk0-8y6g5rHrs-p0VBUS3_c4olquzhrWKjpbnyeoBYTEbNnkD_9ENoqf2UoRQJcW5UE0_OZSWa0kslobxQuezN-0mgwIjvwheif3vdp5wpNdywu6K9kyM-jUwBQf7JbKaIG5wg0PmeGHqA1QyBnJ5Iv00S75Vkok8_zu_gyOx3DiAGcnjMzG_JFYs2c9j9iyQpbOLqRVImT1dR6aKkdLu_SDswIohngir6gFzJUBq-9hmmdt1krqwjsP0qrkDPbR6QPfRVhCNlGUwEvli3iVE7stonTAW5DU-gusdEPTSVIrvZ75RLTSYWWAT_5xDFAvY1WmskdUzNXPMiwm3WKfaRaKtuBhRBXp3nc_tDgm6mtMsjfGd2yloCq4pY80Ay0i97ryYg7anERDeCB4fpFIVUX2A1Opdn9jKX5azBY&lptoken=16c16922854f51bf91b1 HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: 60.winprizes660.monster/th1paff/thaffreboot4.html?city= (...) FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: c21d9bb53816f38da519e2e544f5b1c3c1f884d1f0acd8323fe124bcad620df6 45.76.148.82 HTTP/2 200 OK content-type: text/html server: nginx date: Thu, 01 Dec 2022 00:10:14 GMT vary: Accept-Encoding last-modified: Tue, 29 Nov 2022 04:23:50 GMT etag: W/"424d-5ee945adc91ac" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2343) Size: 608662 Md5: 66aa68c7f54fce221d5e381fa5a7e2ee Sha1: c7e17dc2a2a0e9b4ff5eeb8f854f5c0b5745ce00 Sha256: c21d9bb53816f38da519e2e544f5b1c3c1f884d1f0acd8323fe124bcad620df6
GET /th1paff/default.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/default.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 94803 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "17253-5ee944f2e818b" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data Size: 94803 Md5: 8adac2b1f6fec2ad7a323668d7fcd96a Sha1: 5b875ce4cc5fa5576fdcf13385c0c5b53631e691 Sha256: 1609915700b5b68a54051d6207d11d02cfebb54f9038e8a01e8ca67ddfb6d9e4
GET /th1paff/like_user_1.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/like_user_1.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 1293 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "50d-5ee944f6c849a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data Size: 1293 Md5: 2aa0d43e70d60d76ac4bdff139f8c7cb Sha1: d7e3433297ad90f5d99249aee29b645265c9f3eb Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
GET /th1paff/i11black.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/i11black.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: a6d1f1fa19e933c9da1306cbda5e0528ea1f73d0d9afecdfc1566fe9d7e682b8 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 241130 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "3adea-5ee944f649558" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 828 x 828, 8-bit/color RGBA, non-interlaced\012- data Size: 241130 Md5: 13d47dc9e6696f67342dd750753a4f9c Sha1: 0939480dc263b6d311ec872929e6e0cdfbbabc93 Sha256: a6d1f1fa19e933c9da1306cbda5e0528ea1f73d0d9afecdfc1566fe9d7e682b8
GET /th1paff/like_user_2.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/like_user_2.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 1216 last-modified: Tue, 29 Nov 2022 04:20:38 GMT etag: "4c0-5ee944f6eb71a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data Size: 1216 Md5: f9299c2023539a8f27a6e1b12ed260e5 Sha1: 046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2 Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
GET /th1paff/th11.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th11.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: e3027b9fd073f418da9e7176905e7afd3ac4dcb5e6a527b04067dc77ef17f177 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 33011 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "80f3-5ee944fa9ace8" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 512x512, components 3\012- data Size: 33011 Md5: ffe51ab982f112629842aba9714b9070 Sha1: b371e6d6e449245aed93ca0bb9382dbf083b72b9 Sha256: e3027b9fd073f418da9e7176905e7afd3ac4dcb5e6a527b04067dc77ef17f177
GET /th1paff/th12.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th12.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 5337 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "14d9-5ee944fab04a8" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 5337 Md5: 30d34d7628e91a67ef9b6c701751b82d Sha1: 5a68e5bc09bacac96949950392ede472110b9bfd Sha256: 179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de
GET /th1paff/th13.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th13.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 7e257b9661a3c2ef7598ad3b7e10133e9a4c97cbe389f0363bd103b841d43076 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 5238 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "1476-5ee944fac4cc9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 5238 Md5: 79428c15f4cb8d4c22f0ae8844e327d7 Sha1: b34513fac8649885f2e9ce9940b26e9f7f47d8bb Sha256: 7e257b9661a3c2ef7598ad3b7e10133e9a4c97cbe389f0363bd103b841d43076
GET /th1paff/th14.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th14.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 5988 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "1764-5ee944fad75a9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 5988 Md5: 4387f4c0cbae645d5d7442254e7cc560 Sha1: 99b2c3a509f515fc9e53c8b018ba6b47028afbe1 Sha256: 116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b
GET /th1paff/th15.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th15.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 3856 last-modified: Tue, 29 Nov 2022 04:20:42 GMT etag: "f10-5ee944faebdc9" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 3856 Md5: d8996a573db7acb91022ed0d671a1495 Sha1: 175685d525ff01441445e0c585ddbf9d867de6e4 Sha256: cb72127809614325373d8eaf864c013df8c0f4bace2d3e55e94c8ec5faa91753
GET /th1paff/th16.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th16.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: 1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 4130 last-modified: Tue, 29 Nov 2022 04:20:43 GMT etag: "1022-5ee944fb005ea" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 4130 Md5: 487c9c7e98edf8c07cd5cef5a7c3e48d Sha1: a27e943677cc67810eb71f7f889969d2ca52e390 Sha256: 1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356
GET /th1paff/clip_footer_3.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/clip_footer_3.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 2460 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "99c-5ee944f2b262a" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data Size: 2460 Md5: e1b626392882cc25b4d891afaa68afd4 Sha1: 454d7abdbc2548d04feb95436ea0ab4126b4f00b Sha256: ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /th1paff/th17.jpg HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/th17.jpg FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5 45.76.148.82 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 4513 last-modified: Tue, 29 Nov 2022 04:20:43 GMT etag: "11a1-5ee944fb1abca" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 128x128, components 3\012- data Size: 4513 Md5: 2444132c4b20c85e0c9526f3b35a2524 Sha1: eb394ff3f1a3e2fadc7a8912e8929e218270e733 Sha256: dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5
GET /th1paff/footer_right.png HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/footer_right.png FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5 45.76.148.82 HTTP/2 200 OK content-type: image/png server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT content-length: 4919 last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: "1337-5ee944f324a4c" accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 168 x 66, 8-bit colormap, non-interlaced\012- data Size: 4919 Md5: 0e786b7344ac0b63609290a3a415fc4f Sha1: c2e77827e895aaa13522f1c5c0ef79d4caef0bb2 Sha256: f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15738 Expires: Thu, 01 Dec 2022 04:32:34 GMT Date: Thu, 01 Dec 2022 00:10:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /th1paff/clean.css HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/th1paff/clean.css FQDN: 60.winprizes660.monster IP: 45.76.148.82 HASH: c90986e29e52332ceccca1aeb6a75debaf70aa7945376c2daa79ee68d3b29fb3 45.76.148.82 HTTP/2 200 OK content-type: text/css server: nginx date: Thu, 01 Dec 2022 00:10:15 GMT vary: Accept-Encoding last-modified: Tue, 29 Nov 2022 04:20:34 GMT etag: W/"2b87-5ee944f2b35ca" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (11143), with no line terminators Size: 3219 Md5: 22da40838d92a717d39a5653a37216bb Sha1: 09d3203913890c92855d270f2ac32f3810d1c7cb Sha256: c90986e29e52332ceccca1aeb6a75debaf70aa7945376c2daa79ee68d3b29fb3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15738 Expires: Thu, 01 Dec 2022 04:32:34 GMT Date: Thu, 01 Dec 2022 00:10:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15738 Expires: Thu, 01 Dec 2022 04:32:34 GMT Date: Thu, 01 Dec 2022 00:10:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15738 Expires: Thu, 01 Dec 2022 04:32:34 GMT Date: Thu, 01 Dec 2022 00:10:16 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9613 x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cTPfmEmKoAMFZvQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 06:20:48 GMT age: 64168 etag: "3628390c62642dcc375b28f58c9b48180c4abd73" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9613 Md5: b92721cbe24623f1713a5248d6a7c1b2 Sha1: 3628390c62642dcc375b28f58c9b48180c4abd73 Sha256: 37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 2150 x-amzn-requestid: b8ce8dbd-9109-4abc-9136-e4ac1ec37f15 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPdIFGdooAMFQmQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382dbcd-6a718efd51051576132dd523;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:38:53 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: z8LtaO2ywz0X9cGNU18a5eyA9jIy6hL9dEaZgcecoggpEelDxiTy7w== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 14:43:12 GMT age: 34024 etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2150 Md5: 995eb3df7ec5507e3392fdb1ca6395b4 Sha1: 9bc2e9039e9340b83ffcfb90e4e2c631a8723e60 Sha256: 4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5295 x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbzM0HmuoAMF4Ww= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 22:17:18 GMT age: 6778 etag: "b412d62d44993500b947a38e8e242d0c6d6b7588" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5295 Md5: eb4b8985f697c1ff7753d3961fb4f67d Sha1: b412d62d44993500b947a38e8e242d0c6d6b7588 Sha256: 571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12655 x-amzn-requestid: db51cc10-5e13-4d63-a15b-a1c62b159f7b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbzNfFvloAMFgqg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cbef-67ec32d74521865c7f800ac6;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: mctLVf0ho2G4skGRA0gpSH5HVoAUeH7YOyY1QA4_abODLKqRIX0eTg== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 22:09:11 GMT etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac" age: 7265 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12655 Md5: 1039182464db1365a476dd88029b97d8 Sha1: 06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac Sha256: 2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4199 x-amzn-requestid: 61981ad5-3560-43e1-a1cd-37f823e89675 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cZQxoEz5IAMFzQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6386c80a-291574e42bee51b2523b3920;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:38 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fL5AwXN4Kitj3BB3DyYyYfFYk3GRgLvhNNTiQKrDcxPR6mkfzyUuzQ== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 22:05:04 GMT age: 12898 etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4199 Md5: 4fd5f7a9e04d27654062b3e18b8aecca Sha1: 07fafbd614cdb49f20bceea29d5e684725d3bdf6 Sha256: 0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4409 x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz7XEE2IAMFY3A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:49:45 GMT age: 8431 etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4409 Md5: b8802d5080eb35e4052ef31cf7658650 Sha1: 1e78566f2e69268c5f753fb49112ab07aae3eccf Sha256: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086
GET /favicon.ico HTTP/1.1 Host: 60.winprizes660.monster User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: 60.winprizes660.monster/favicon.ico FQDN: 60.winprizes660.monster IP: 45.76.148.82 45.76.148.82 HTTP/2 404 Not Found content-type: text/html; charset=iso-8859-1 server: nginx date: Thu, 01 Dec 2022 00:10:16 GMT vary: Accept-Encoding content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6151 

                                        
                                            
Expires: Thu, 01 Dec 2022 01:52:44 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 00:10:13 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a5daf4dc99951793ae2315d4795e8146

                                                Sha1:   4427507ca4d3a5632cc8f598afbc85e2195d00bd

                                                Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5295 

                                        
                                            
Cache-Control: max-age=128961 

                                        
                                            
Date: Thu, 01 Dec 2022 00:10:13 GMT 

                                        
                                            
Etag: "638730f7-1d7" 

                                        
                                            
Expires: Fri, 02 Dec 2022 11:59:34 GMT 

                                        
                                            
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT 

                                        
                                            
Server: ECS (ska/F70C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    f3cf023c797da81728c0ac84c8759331

                                                Sha1:   fa07c5e39e4b0741ea484101cccb2202acea9d9c

                                                Sha256: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 23:18:04 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 3129 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    30db107dcf4380cef05efea409c2e6a3

                                                Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9

                                                Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:13 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5291 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Thu, 01 Dec 2022 00:10:14 GMT 

                                        
                                            
Last-Modified: Wed, 30 Nov 2022 22:42:03 GMT 

                                        
                                            
Server: ECS (ska/F70C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    cfdd00e67ee6ca21712b867eb5288ab6

                                                Sha1:   b61d5d6ec3b7ad71619e13e32c87f2d01871b88a

                                                Sha256: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

                                        
                                            GET /js/pub.min.js HTTP/1.1 

                                        
                                            
Host: push.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-site

                                         216.104.36.158

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 1482 

                                        
                                            
last-modified: Fri, 09 Sep 2022 11:46:08 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
etag: "631b2780-5ca" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
expires: Fri, 02 Dec 2022 00:10:15 GMT 

                                        
                                            
cache-control: max-age=86400 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubdomains; 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (2752)

                                                Size:   1482

                                                Md5:    31c303586c1b78e33984bd252b8e2644

                                                Sha1:   8083e2aad4cbf8242a4e6fb53657d49552b85f82

                                                Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be

                                        
                                            GET /th1paff/menu_2x.png HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://60.winprizes660.monster/th1paff/clean.css 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 124 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:38 GMT 

                                        
                                            
etag: "7c-5ee944f71957b" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced\012- data

                                                Size:   124

                                                Md5:    8f68efd9388ccd80b43759b2ed542305

                                                Sha1:   9f2cf96efe3bdec2ab64bc51856619cc02958fe6

                                                Sha256: 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c

                                        
                                            GET /th1paff/action_icons_20px_2x.png HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://60.winprizes660.monster/th1paff/clean.css 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 1726 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:34 GMT 

                                        
                                            
etag: "6be-5ee944f28382a" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data

                                                Size:   1726

                                                Md5:    b699975b5fe73b087e711a33ff24ee1e

                                                Sha1:   0e33cc5c32a5e7d18440751e3946076664caaf53

                                                Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e

                                        
                                            GET /th1paff/thaffreboot4.html?city=Celina&model=Android%2010.0&brand=Generic&isp=Google%20Cloud&browser=Firefox%20Focus&cep=Sf78vk0-8y6g5rHrs-p0VBUS3_c4olquzhrWKjpbnyeoBYTEbNnkD_9ENoqf2UoRQJcW5UE0_OZSWa0kslobxQuezN-0mgwIjvwheif3vdp5wpNdywu6K9kyM-jUwBQf7JbKaIG5wg0PmeGHqA1QyBnJ5Iv00S75Vkok8_zu_gyOx3DiAGcnjMzG_JFYs2c9j9iyQpbOLqRVImT1dR6aKkdLu_SDswIohngir6gFzJUBq-9hmmdt1krqwjsP0qrkDPbR6QPfRVhCNlGUwEvli3iVE7stonTAW5DU-gusdEPTSVIrvZ75RLTSYWWAT_5xDFAvY1WmskdUzNXPMiwm3WKfaRaKtuBhRBXp3nc_tDgm6mtMsjfGd2yloCq4pY80Ay0i97ryYg7anERDeCB4fpFIVUX2A1Opdn9jKX5azBY&lptoken=16c16922854f51bf91b1 HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:14 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:23:50 GMT 

                                        
                                            
etag: W/"424d-5ee945adc91ac" 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2343)

                                                Size:   608662

                                                Md5:    66aa68c7f54fce221d5e381fa5a7e2ee

                                                Sha1:   c7e17dc2a2a0e9b4ff5eeb8f854f5c0b5745ce00

                                                Sha256: c21d9bb53816f38da519e2e544f5b1c3c1f884d1f0acd8323fe124bcad620df6

                                        
                                            GET /th1paff/like_user_1.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 1293 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:38 GMT 

                                        
                                            
etag: "50d-5ee944f6c849a" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data

                                                Size:   1293

                                                Md5:    2aa0d43e70d60d76ac4bdff139f8c7cb

                                                Sha1:   d7e3433297ad90f5d99249aee29b645265c9f3eb

                                                Sha256: e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

                                        
                                            GET /th1paff/like_user_2.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 1216 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:38 GMT 

                                        
                                            
etag: "4c0-5ee944f6eb71a" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data

                                                Size:   1216

                                                Md5:    f9299c2023539a8f27a6e1b12ed260e5

                                                Sha1:   046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2

                                                Sha256: ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

                                        
                                            GET /th1paff/th12.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 5337 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:42 GMT 

                                        
                                            
etag: "14d9-5ee944fab04a8" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   5337

                                                Md5:    30d34d7628e91a67ef9b6c701751b82d

                                                Sha1:   5a68e5bc09bacac96949950392ede472110b9bfd

                                                Sha256: 179f31c7ce696f846a1b66f023950feaa98369e3d57ce5d4b638b53bab20d2de

                                        
                                            GET /th1paff/th14.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 5988 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:42 GMT 

                                        
                                            
etag: "1764-5ee944fad75a9" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   5988

                                                Md5:    4387f4c0cbae645d5d7442254e7cc560

                                                Sha1:   99b2c3a509f515fc9e53c8b018ba6b47028afbe1

                                                Sha256: 116ad309253857cb0844a375919bf6af104efc407355e64a5cabf600cc70a67b

                                        
                                            GET /th1paff/th16.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 4130 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:43 GMT 

                                        
                                            
etag: "1022-5ee944fb005ea" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   4130

                                                Md5:    487c9c7e98edf8c07cd5cef5a7c3e48d

                                                Sha1:   a27e943677cc67810eb71f7f889969d2ca52e390

                                                Sha256: 1f49025ec428748511a8f75e7b4d47072fd0f7ce4cb4107592241570bd324356

                                        
                                            GET /th1paff/th17.jpg HTTP/1.1 

                                        
                                            
Host: 60.winprizes660.monster

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         45.76.148.82

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 00:10:15 GMT 

                                        
                                            
content-length: 4513 

                                        
                                            
last-modified: Tue, 29 Nov 2022 04:20:43 GMT 

                                        
                                            
etag: "11a1-5ee944fb1abca" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, baseline, precision 8, 128x128, components 3\012- data

                                                Size:   4513

                                                Md5:    2444132c4b20c85e0c9526f3b35a2524

                                                Sha1:   eb394ff3f1a3e2fadc7a8912e8929e218270e733

                                                Sha256: dfa6330186654634effccd2138f9ccd398bd743328b42a847ebe220c7a5dcff5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15738 

                                        
                                            
Expires: Thu, 01 Dec 2022 04:32:34 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 00:10:16 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ac3edd07bb0a4ebdaae6ec26e91d2079

                                                Sha1:   b6efe3811dfa37cdcde1e9d411c171732ac7e12a

                                                Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15738 

                                        
                                            
Expires: Thu, 01 Dec 2022 04:32:34 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 00:10:16 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ac3edd07bb0a4ebdaae6ec26e91d2079

                                                Sha1:   b6efe3811dfa37cdcde1e9d411c171732ac7e12a

                                                Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15738 

                                        
                                            
Expires: Thu, 01 Dec 2022 04:32:34 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 00:10:16 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ac3edd07bb0a4ebdaae6ec26e91d2079

                                                Sha1:   b6efe3811dfa37cdcde1e9d411c171732ac7e12a

                                                Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 2150 

                                        
                                            
x-amzn-requestid: b8ce8dbd-9109-4abc-9136-e4ac1ec37f15 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cPdIFGdooAMFQmQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6382dbcd-6a718efd51051576132dd523;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 27 Nov 2022 03:38:53 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: z8LtaO2ywz0X9cGNU18a5eyA9jIy6hL9dEaZgcecoggpEelDxiTy7w== 

                                        
                                            
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 14:43:12 GMT 

                                        
                                            
age: 34024 

                                        
                                            
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   2150

                                                Md5:    995eb3df7ec5507e3392fdb1ca6395b4

                                                Sha1:   9bc2e9039e9340b83ffcfb90e4e2c631a8723e60

                                                Sha256: 4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12655 

                                        
                                            
x-amzn-requestid: db51cc10-5e13-4d63-a15b-a1c62b159f7b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cbzNfFvloAMFgqg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6387cbef-67ec32d74521865c7f800ac6;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:31 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: mctLVf0ho2G4skGRA0gpSH5HVoAUeH7YOyY1QA4_abODLKqRIX0eTg== 

                                        
                                            
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 22:09:11 GMT 

                                        
                                            
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac" 

                                        
                                            
age: 7265 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12655

                                                Md5:    1039182464db1365a476dd88029b97d8

                                                Sha1:   06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac

                                                Sha256: 2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4409 

                                        
                                            
x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cbz7XEE2IAMFY3A= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g== 

                                        
                                            
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 21:49:45 GMT 

                                        
                                            
age: 8431 

                                        
                                            
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4409

                                                Md5:    b8802d5080eb35e4052ef31cf7658650

                                                Sha1:   1e78566f2e69268c5f753fb49112ab07aae3eccf

                                                Sha256: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086

URL	60.winprizes660.monster/th1paff/thaffreboot4.html?city=Celina&model=Android%2010.0&brand=Generic&isp=Google%20Cloud&browser=Firefox%20Focus&cep=Sf78vk0-8y6g5rHrs-p0VBUS3_c4olquzhrWKjpbnyeoBYTEbNnkD_9ENoqf2UoRQJcW5UE0_OZSWa0kslobxQuezN-0mgwIjvwheif3vdp5wpNdywu6K9kyM-jUwBQf7JbKaIG5wg0PmeGHqA1QyBnJ5Iv00S75Vkok8_zu_gyOx3DiAGcnjMzG_JFYs2c9j9iyQpbOLqRVImT1dR6aKkdLu_SDswIohngir6gFzJUBq-9hmmdt1krqwjsP0qrkDPbR6QPfRVhCNlGUwEvli3iVE7stonTAW5DU-gusdEPTSVIrvZ75RLTSYWWAT_5xDFAvY1WmskdUzNXPMiwm3WKfaRaKtuBhRBXp3nc_tDgm6mtMsjfGd2yloCq4pY80Ay0i97ryYg7anERDeCB4fpFIVUX2A1Opdn9jKX5azBY&lptoken=16c16922854f51bf91b1
IP	45.76.148.82 (Singapore)
ASN	#20473 AS-CHOOPA
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-01 00:10:25 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	0
urlquery alerts	1 Scam / Brand infringement
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82

Last 5 reports on ASN: AS-CHOOPA

Last 5 reports on domain: winprizes660.monster

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 12) - SHA256: 67f046f415ee9782e144798c5fef192384e6625207ecbfd886253508b5d58b06

#2 JavaScript::Write (size: 12) - SHA256: e199a2c9e568ec1212a8e7272ba8160dc30d532d83b6d022a7d6ba0db728793e

#3 JavaScript::Write (size: 27) - SHA256: 734cf24d377e310eef5696043a0bd6bea8ae0a88f37685d2d38ce2648f82be9a

#4 JavaScript::Write (size: 11) - SHA256: 1344cdb2314c6d1394dce683c56b873c2c6f35723ec9f1181b0ec625aaa6154b

#5 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

#6 JavaScript::Write (size: 12) - SHA256: d04b82dcf8eaf2eb79e64402edc761f2a8db6bac256863e4b66a8fb9814844ba

HTTP Transactions (42)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.76.148.82

Last 5 reports on ASN: AS-CHOOPA

Last 5 reports on domain: winprizes660.monster

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 12) - SHA256: 67f046f415ee9782e144798c5fef192384e6625207ecbfd886253508b5d58b06

#2 JavaScript::Write (size: 12) - SHA256: e199a2c9e568ec1212a8e7272ba8160dc30d532d83b6d022a7d6ba0db728793e

#3 JavaScript::Write (size: 27) - SHA256: 734cf24d377e310eef5696043a0bd6bea8ae0a88f37685d2d38ce2648f82be9a

#4 JavaScript::Write (size: 11) - SHA256: 1344cdb2314c6d1394dce683c56b873c2c6f35723ec9f1181b0ec625aaa6154b

#5 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

#6 JavaScript::Write (size: 12) - SHA256: d04b82dcf8eaf2eb79e64402edc761f2a8db6bac256863e4b66a8fb9814844ba

HTTP Transactions (42)

Network Intrusion Detection Systems