buzzlottery.buzz/saudiaair/N28orbloFKmrTmmf3gEDqS
172.67.206.162200 OK 365 B URL HTTP/1.1 buzzlottery.buzz/saudiaair/N28orbloFKmrTmmf3gEDqS
IP 172.67.206.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 784ab77a2cbe4bbf44efcd9e98b29a18
ffd40ac993fb6a2d4cfdf9f38822c7fbca9fb9d2
b97af6f31e8f5d9887205e85e93783c584aa0aad6503ed5ad332adc7fdde2480
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /saudiaair/N28orbloFKmrTmmf3gEDqS HTTP/1.1
Host: buzzlottery.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 00:32:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9IHm8PyDLW43B%2BUfoEAYJPWiLEAPbMdNifRbWEuQKgvLw2yaUFW6jmBr%2FHuzgQAU9LmmkT1DOO8SNpgEjvQ60GFTbSi4peG%2BluIXkPOmNaB3tGHqk5HlMIYi8SeDldEvHZl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7adb4c516d030afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7507
Expires: Sun, 26 Mar 2023 02:37:50 GMT
Date: Sun, 26 Mar 2023 00:32:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2941
Expires: Sun, 26 Mar 2023 01:21:44 GMT
Date: Sun, 26 Mar 2023 00:32:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 00:15:30 GMT
content-type: application/json
age: 1034
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16541
Expires: Sun, 26 Mar 2023 05:08:25 GMT
Date: Sun, 26 Mar 2023 00:32:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +9qHBSGzVdm8R2xWSAIbL4JfsqDCwz6DhMsSapbd8mVnNDyQ3WEVNFmORscZ5zap0gZSdOb4sKY=
x-amz-request-id: S3G2GC2ANVHJ2KP3
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 00:00:59 GMT
age: 1905
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
buzzlottery.buzz/saudiaair/api/j.php
172.67.206.162200 OK 121 B URL HTTP/1.1 buzzlottery.buzz/saudiaair/api/j.php
IP 172.67.206.162:0
File type ASCII text, with no line terminators
Hash 0211334b9d831bca12a4aad218e65b4e
b5fe697bff1fe0106e49cfa5f9da0c43597fcfbb
62931a16234287d0954bf9626664fb3627908f06d5958f291b2baccec3fbd277
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /saudiaair/api/j.php HTTP/1.1
Host: buzzlottery.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://buzzlottery.buzz/saudiaair/N28orbloFKmrTmmf3gEDqS
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 00:32:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sd2wtFZerfpUObmcgfscIw2tIK5Lfpl9vMNj4T1yRisvhjeWGV9%2FA4rGcD36uaaBRUykZ7ieAP5EBIZMxZKgDL9WRBcMPqwZzIiR%2BojMR6r9wNFmPjEDhJY9XJUg9EyhuVmQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7adb4c541e8c0afa-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 00:17:24 GMT
age: 920
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8116
Expires: Sun, 26 Mar 2023 02:48:00 GMT
Date: Sun, 26 Mar 2023 00:32:44 GMT
Connection: keep-alive
sweepstakeswinner.buzz/wEzRg0CE0L1v1vgZjPBP/cl5uY2ZaYGZrMDMwODQyLzQvMw==
188.114.97.1200 OK 19 kB URL HTTP/2 sweepstakeswinner.buzz/wEzRg0CE0L1v1vgZjPBP/cl5uY2ZaYGZrMDMwODQyLzQvMw==
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 88c4c8de485424f5434c42a031e6ca14
2fddb79882a4f6344df0eea08c1dd3ada8417069
2b79e8ab22b938c9b1bfe54da4a856c7fccf7baf497e55e52c2f16095d8004b9
GET /wEzRg0CE0L1v1vgZjPBP/cl5uY2ZaYGZrMDMwODQyLzQvMw== HTTP/1.1
Host: sweepstakeswinner.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://buzzlottery.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://r.img.social/res/base64.min.js>; rel=preload; as=script
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1p45OO5%2FjGVBweTk2zkc4aryri3L9NG23J%2BkX%2FlvBu4TF167aZ%2BRKOsmpSm%2BvLiXb6%2Fp2uudZFj%2FPdx6RKavRl9sOj3G1AVGi%2FizBw4PDokJ%2Fv0i1koXWcYnVu7niFNsVKe%2B92ii5MV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7adb4c557d2a1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/select2/4.0.0/css/select2.min.css
104.17.25.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/select2/4.0.0/css/select2.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (14909), with no line terminators
Hash 915041662c90ebbe09bef2e44559deb1
dc9252dd0c614bbad55d08575b1c06f100c00764
fd64399b28f0628d7385c61453e2769afae3968f6182ec9517ba5b166af0b1b9
GET /ajax/libs/select2/4.0.0/css/select2.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: text/css; charset=utf-8
content-length: 1546
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-3a3d"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20235320
expires: Fri, 15 Mar 2024 00:32:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etmkJD2HnYRanyz9%2FZHCD%2FItqCKHUfydeYfAgthpmhhV%2F7dzspfRq9xjx7DiBSol0Qh2JRhtEOvbcefywvp4JQT6JTiMOQF7DmVfxYLdTl8nW6mTc0xPiCClqDmtX3YuOAsaadfr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7adb4c581e13b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.1/css/bootstrap.min.css
104.17.25.14200 OK 18 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.1/css/bootstrap.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65326)
Hash cb456be7e553716fc4e534dd1e242b57
6f4445e0019dbefeef975c985748a5b2d70c055d
6003149a4edcca9484b20a4e5166995b5a986ca98dde735d60e22e54e2371f69
GET /ajax/libs/bootstrap/4.6.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: text/css; charset=utf-8
content-length: 17725
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "617ad19a-453d"
last-modified: Thu, 28 Oct 2021 16:36:42 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 267264
expires: Fri, 15 Mar 2024 00:32:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRTvAw%2F94UMX%2B8I6x8b4yCoOqeUfCG03Jx3tpazj6h%2B%2BWWzmrX8eRhjgpGVFQSuH700yahmEGbBR5U3m6%2Bb6%2Bm4P2VJePXW1chxsXdH%2FqxTMchzWTfEHmA%2BZhwWnuMmJGywpsIha"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7adb4c581e0bb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
IP 142.250.74.131:0
Hash 4d538646c5c228b63442f85de5524e4d
80c9d18c70033e9f38f0b3e4e9fe76c6cd8b498c
fe90e900ae1a97aa86f38003b538c2a2928028f0394a1e8945b32da463406e32
POST /s/gts1p5/TEmZIEbxYhE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 00:32:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
IP 142.250.74.131:0
Hash 4d538646c5c228b63442f85de5524e4d
80c9d18c70033e9f38f0b3e4e9fe76c6cd8b498c
fe90e900ae1a97aa86f38003b538c2a2928028f0394a1e8945b32da463406e32
POST /s/gts1p5/TEmZIEbxYhE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 00:32:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.img.social/res/69198285/img/shahuzuo.jpg
172.66.40.168200 OK 1.4 kB URL HTTP/2 r.img.social/res/69198285/img/shahuzuo.jpg
IP 172.66.40.168:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 92x80, components 3\012- data
Hash e74e3c25c594ad9ec335a46b137671d6
e2715f2b67895f0a744e5fb3f21c75ec79d84224
9d8257551d868dc4ea774cbd26a6183ab9dd0a885bbca8770786b117fe459d7a
GET /res/69198285/img/shahuzuo.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: image/jpeg
content-length: 1379
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=4487
etag: "f57f08a3cdc1f79d13e38f3c6dfc4961"
expires: Sun, 26 Mar 2023 01:07:32 GMT
last-modified: Wed, 22 Mar 2023 05:28:34 GMT
x-guploader-uploadid: ADPycdsH6_4ZQyHzBy8dETUDS7sVNCqZcDz7Ddrkd61UGorhNKbekaRmo0J6XF7UTse-d95xCQlThZtBb0Bu7Ff_fjOCDQ
x-goog-generation: 1679462914528782
x-goog-hash: crc32c=doSqjw==, md5=9X8Io83B950T4488bfxJYQ==
x-goog-meta-x-goog-reserved-source-generation: 1679424698598921
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4487
cf-cache-status: HIT
age: 486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4i9S4l6blcNOqrlDi%2B6VcbzyNjL3xEQLUakryzY4UuqJk2cGlQTPsU4rpXXP5AQp1hLIPsDlgJlaNlCoMhKMeB%2B4zoTk91GcuiCLnChkdqRubT%2FfnVRhsbZClwy2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5858b6b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/shaeyou.jpg
172.66.40.168200 OK 1.7 kB URL HTTP/2 r.img.social/res/69198285/img/shaeyou.jpg
IP 172.66.40.168:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 84x80, components 3\012- data
Hash 925a9a4619601078323cee7af41c973f
f46324cb4f5ddb9075da22659eb104670eb265b4
b99c63996fd18f26374c5c3889c31188cc8804dc20e0ed2411e17f800a1e9f28
GET /res/69198285/img/shaeyou.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: image/jpeg
content-length: 1699
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=6110
etag: "77837671a6b934d6d42112bf41a6fa39"
expires: Sun, 26 Mar 2023 01:07:32 GMT
last-modified: Wed, 22 Mar 2023 05:28:34 GMT
x-guploader-uploadid: ADPycduBU0Fzhi48JXxzfO74jdaw27VkwlLeLjHLS6VPYWDh847UZqh7v-GlWcDqJXk3PiMdOb8v6dH4reBE7jfzPCWUig
x-goog-generation: 1679462914730196
x-goog-hash: crc32c=EhCxeA==, md5=d4N2caa5NNbUIRK/Qab6OQ==
x-goog-meta-x-goog-reserved-source-generation: 1679424697688554
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6110
cf-cache-status: HIT
age: 486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppMCH%2FNXLlXfcLiIflHm1SF1LNX4DjTPQaQ8rSbMkkxB5COBRFMSQgyOTYVzsDpzbMDo2Sh7uUawxMtUziHlcYZzIJ7pjdWfCCTMQaHybZGqmIfsnwboNSBm0FEhdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5858b7b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/sasasa-show.jpg
172.66.40.168200 OK 28 kB URL HTTP/2 r.img.social/res/69198285/img/sasasa-show.jpg
IP 172.66.40.168:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 520x317, components 3\012- data
Hash 04cb8bdda3f45d0a877faa0b53394c17
0551375e59e6b3059f61f310c983d15076f03342
5e089b8a6d854f12fef4b9643705849ff188fd3f9d274c9e2f94131455fcb844
GET /res/69198285/img/sasasa-show.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: image/jpeg
content-length: 28116
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=58669
etag: "c794c54871370c9bdbb573b1bd7a921b"
expires: Sun, 26 Mar 2023 01:07:32 GMT
last-modified: Wed, 22 Mar 2023 05:28:32 GMT
x-guploader-uploadid: ADPycds9haEX1S6_zOYOx-BYsmbaK3tHbQecqdUG_EmDm_THiPHkqUgnKWvrK7u7qSRA7rY5-MiQz_iE2xTHBg4EjuUMdg
x-goog-generation: 1679462912227477
x-goog-hash: crc32c=dloxrw==, md5=x5TFSHE3DJvbtXOxvXqSGw==
x-goog-meta-x-goog-reserved-source-generation: 1679424802409590
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 58669
cf-cache-status: HIT
age: 486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ckX2LJQzL09Qv7I8VvnSaHTEUgxssN91bcWSACnmDM%2BCOICzfRF%2BrOd9xtfABYTZQ6uT2zk2iBkNtqWjArm8cYQuflkRAIm4UJWIw5dCD%2BsooEwEUZ%2F6k1%2FquT0lA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5858b8b51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
IP 142.250.74.131:0
Hash 4d538646c5c228b63442f85de5524e4d
80c9d18c70033e9f38f0b3e4e9fe76c6cd8b498c
fe90e900ae1a97aa86f38003b538c2a2928028f0394a1e8945b32da463406e32
POST /s/gts1p5/TEmZIEbxYhE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 00:32:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TEmZIEbxYhE
IP 142.250.74.131:0
Hash 4d538646c5c228b63442f85de5524e4d
80c9d18c70033e9f38f0b3e4e9fe76c6cd8b498c
fe90e900ae1a97aa86f38003b538c2a2928028f0394a1e8945b32da463406e32
POST /s/gts1p5/TEmZIEbxYhE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 00:32:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.img.social/res/69198285/img/shatzho.jpg
172.66.40.168200 OK 7.3 kB URL HTTP/2 r.img.social/res/69198285/img/shatzho.jpg
IP 172.66.40.168:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 314x80, components 3\012- data
Hash b84853a97c9db2c662878222f9909750
ad8c5fa8dda006ccee7addd714f18298e39839f8
1a67571be03cd5dd29f4bf7c2a52cc48e2075f7cb13ef6e45e066de7d203c8bc
GET /res/69198285/img/shatzho.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 7263
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=26783
etag: "63785d5375deb9b42c9e6a315aecb1a0"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:33 GMT
x-guploader-uploadid: ADPycduWecRA2TiCoukZpAOlabTD6Fhw25BsWY3gyzjTo37hZ1ZJbpvV2tCxgeSwhu3G-cj4TrpCqdLKUOd0_kRgmX0J7Q
x-goog-generation: 1679462913726390
x-goog-hash: crc32c=VFkLMg==, md5=Y3hdU3XeubQsnmoxWuyxoA==
x-goog-meta-x-goog-reserved-source-generation: 1679424699365666
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26783
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlBzwYWkF1pWk0LZexkXhiwS9Re4VnKxLJXD5Pu3802k8jmpd%2BtsTsSHxpjt%2Fw3vhXyEMIrQVLEX5eKX5NrXljBdUTcNtIiSx2nCbRcVQryGS%2B7POww3Te7R2W%2FZKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5969cab51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/sasasa-box1.png
172.66.40.168200 OK 18 kB URL HTTP/2 r.img.social/res/69198285/img/sasasa-box1.png
IP 172.66.40.168:0
File type PNG image data, 300 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash d2b936d01e288232bc40e982eef87297
235db1b63ffa9791a2d42edbb26974cda900d82f
1f1f7a8c96b79b75da70edce7bcbb5655e14eb357d54cf8bd558422a0d21efd6
GET /res/69198285/img/sasasa-box1.png HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/png
content-length: 18288
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=22887
etag: "f17ec9aa4ccfe64380a5d39a49ffff4b"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:31 GMT
x-guploader-uploadid: ADPycdsrydoxcOl7FmTeZyAAyBIZx_T5AS9SkMN9M9T_8VeqpWQlWE5ETcnqIMffhvpWUZAt1eflaPptvsKJN5wHHBy93FWfbAHP
x-goog-generation: 1679462911942615
x-goog-hash: crc32c=3mfomg==, md5=8X7JqkzP5kOApdOaSf//Sw==
x-goog-meta-x-goog-reserved-source-generation: 1679424695609111
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 22887
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp7xk3PkKbP7omLGeDx5qFr4oHDgEv2wZcMlEr5wbfBzdYOh%2BrP%2FUQssi1qMLNWJF7fC8XUma2NclOez5zpETX2vHHXMjFlNJ4kDHSYxAsbkO7POqfIbI8hoz17Yww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5979d0b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/sasasa-box2.png
172.66.40.168200 OK 5.3 kB URL HTTP/2 r.img.social/res/69198285/img/sasasa-box2.png
IP 172.66.40.168:0
File type PNG image data, 300 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash 536521f31db7ebd20b9660d71803baac
e7f4246766e7779c58b96fa1eefb7bde015de4c6
77884dc78146db58e2d8865e78ba834361e0c81a411507cf60377eb020b0cedb
GET /res/69198285/img/sasasa-box2.png HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/png
content-length: 5304
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=7399
etag: "815e174adf695f68ae4be19eb791fca4"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:33 GMT
x-guploader-uploadid: ADPycdv6exIp8hufpXjLFEpkE9RCq_emTRa-UpFdie3XA8cwrpp-W98YIr_KGjZzsSe07Z0VmyL2pG2rn91Hpw1t5s5JqQ
x-goog-generation: 1679462913430951
x-goog-hash: crc32c=pL1IdQ==, md5=gV4XSt9pX2iuS+Get5H8pA==
x-goog-meta-x-goog-reserved-source-generation: 1679424696305164
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7399
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8lJS188EKIsdCzI%2FPpjhErW2Zp%2BFkNFl6uq6JJwFHeikSyUXxhpbTvQmd%2FGV7wDLYbZV6in%2B1GSKQfMHuOthuSCF4DziWWpGl9EPSO%2BubWyB3SH06V57jiophHZ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5979d3b51d-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0hJRECaHMeRG0kE/S/jcRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9ASl5YEtL1GTAjvzg6wosL5/2rM=
r.img.social/res/69198285/img/sasasa-box3.png
172.66.40.168200 OK 25 kB URL HTTP/2 r.img.social/res/69198285/img/sasasa-box3.png
IP 172.66.40.168:0
File type PNG image data, 300 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash ac2a507b841cdea8b515854ae099803c
26dc222d5b9bed01a3a66f9a596b444e6035f0f3
63982b3f0ed63b2a97964f0db0d3715c864939190438f19c716714793fbc1f5c
GET /res/69198285/img/sasasa-box3.png HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/png
content-length: 24810
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=28431
etag: "ee8a883d0608366e08a9b32e54742df7"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:35 GMT
x-guploader-uploadid: ADPycds2nw1v-oi4yENJNmK-xryiXzXGa-jRZL38CJPcu2ePeAGseNS5q3ekec8wT-ChTjBYT4H-9H-54Sr8o2f49dzhuA
x-goog-generation: 1679462915327320
x-goog-hash: crc32c=Nwv9lg==, md5=7oqIPQYINm4IqbMuVHQt9w==
x-goog-meta-x-goog-reserved-source-generation: 1679424801122869
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 28431
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F5BahfUTAF%2B9TV%2B%2FCm3Rj%2Fm0nVhEL8HNg9vyJDk%2BICLPPD2v%2BGgxl4J2siq2OPiay9BZK9lQ6zhE7KABzRcIbUc5kW3EWe0NlEJ5wzXygaCTqTn4NCg6xcRYhw4Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5989edb51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/saud.jpg
172.66.40.168200 OK 6.3 kB URL HTTP/2 r.img.social/res/69198285/img/saud.jpg
IP 172.66.40.168:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 909cbb974553a29ba6fdda6e3cce50b1
5b96904d20ea61696ab8c9b61643fd16831d7ef0
518e7aab533ec9d31fa8be844cca8f91b1c05fd31f8c46a1b134bd5adc0f8240
GET /res/69198285/img/saud.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 6297
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=11103
etag: "a7218dcb5ada5379c1251838363f9cad"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:31 GMT
x-guploader-uploadid: ADPycdumL3a40Oe4m9M9ftzca1g8hrTmdCXf2fc6v2wUd2SKCcFzetfCIWsQGSzzqKUAPS5eyZsDFXZXJ0mf1LzSZMoFDg
x-goog-generation: 1679462911735800
x-goog-hash: crc32c=9aj0Tw==, md5=pyGNy1raU3nBJRg4Nj+crQ==
x-goog-meta-x-goog-reserved-source-generation: 1679424697014251
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11103
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHJZZbE1JB7eWugZIFaSe1NTcct4QngmtRbftnaRrlBNS4dkNIrGHC6k8Veu8bq4xIWWM6LzS5iCdB1j4AC1WCzLrp3KyhDendH2%2FQ3yg%2F6a%2BFrlT5QsNVeINF8QoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5999f3b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/shaskoodllss.jpg
172.66.40.168200 OK 6.3 kB URL HTTP/2 r.img.social/res/69198285/img/shaskoodllss.jpg
IP 172.66.40.168:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash e6a636927fff7373b46842c3686ddd21
cd32ef0f8e5cd8d4d07716021672b138f3a5d831
33e142e39964d9ad33b55d9af6ef8c8ea15deb96b350c083fd0fbd0e6c3832d5
GET /res/69198285/img/shaskoodllss.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 6310
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=14488
etag: "f99c07f1ad5c13db780b3a6b7e542984"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:32 GMT
x-guploader-uploadid: ADPycdvfSC9V9i0OHauQEZ16oU36m0CjaMDz5guHY4lowO3u_XTinzn1pCun5fJJ2rArq8GPi7klnMfRmz3ZVQKqEnMvAhlTuGVK
x-goog-generation: 1679462912625485
x-goog-hash: crc32c=La6vmQ==, md5=+ZwH8a1cE9t4CzprflQphA==
x-goog-meta-x-goog-reserved-source-generation: 1679424698693041
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14488
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4jkURcTmz52mKkzzg5cZabI0vk0AmIbKcol4GhHNhTaW9yUZc4iLSMfG6aRpj%2F1yq9lcAGwrtNQIr8BlHTYYOrlG6YWMFDh3CHzh7458mbrW7u5YgEPhB4HtHKq%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5989f0b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph15.jpg
172.66.40.168200 OK 9.3 kB URL HTTP/2 r.img.social/res/69198285/img/yhph15.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash 9f3b4dae153fe08e158c8300a696d25c
6bb0acba2008f172f017433945290d5abe093b56
2f12a2efc1cf70194592a63a025942957870c9ce7a44477145edfccca08614fb
GET /res/69198285/img/yhph15.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 9324
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10168
etag: "6e4bb6b4ffa9883998c5b0e197d7f668"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:31 GMT
x-guploader-uploadid: ADPycds6KHS-Ek7xM0uc2axxCDMV6a7hH--xEdJYNJSRMViaIih23ievImtQ2N_BxBeiZMsRH4tsM7uQ8K5vg6rMnzrkkL3ktdq7
x-goog-generation: 1679462911244262
x-goog-hash: crc32c=wBwy7g==, md5=bku2tP+piDmYxbDhl9f2aA==
x-goog-meta-x-goog-reserved-source-generation: 1679424701818341
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10168
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BvDztqBdZVfGC7uLrvttmUPeVQRN4zKCEYuSTsysBm%2Fnx10AMB7fOE7aEvVfcm1IjWQDiAlTUVHWCt2qvaRS1z9LxbEnh1BmwXGCjq0Tb6x4M8oNJRI%2FcWxUaDh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59aa00b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph14.jpg
172.66.40.168200 OK 18 kB URL HTTP/2 r.img.social/res/69198285/img/yhph14.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash 2ad63c0208866683c41ee3a9c1dcd86c
5eff842a2aad96aea723c47e3a3f37355ba971ba
ef640114d05630291552c78667eeb6c8042fd1da9a20985e3689248dd9f92a9e
GET /res/69198285/img/yhph14.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 17756
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18970
etag: "9adb072daed6dc2befe18dfbda00e23f"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:32 GMT
x-guploader-uploadid: ADPycduifae-M-A2JsS2IEu6DwHKNgBxchy4p75CZ0co6cY71nLazNgfkZhpT5SVTbed9NDSBtZMnWfdehbK_Kx9-6zhzPXgwHD4
x-goog-generation: 1679462912338661
x-goog-hash: crc32c=5jI9IA==, md5=mtsHLa7W3Cvv4Y372gDiPw==
x-goog-meta-x-goog-reserved-source-generation: 1679424701646926
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 18970
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8Wj7C%2FrBlwgY59wkcQylGAWKpzGghMnvGAvF7AmXHNWHTJEZ6yJkew8Q70mc%2FxGoN0cRqI4nEA2b6qi94l9OBdFVMktuh8Df2SLiqsvGr40FgKDQDxELPx4Hux98w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59a9ffb51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph13.jpg
172.66.40.168200 OK 7.2 kB URL HTTP/2 r.img.social/res/69198285/img/yhph13.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash 9e8f22dc5ebf6365b5a78bf106e7d2e4
dfc16779198238d948891d05adbab7382442cb09
482d0073ca5949ffb10c5566cd9fcdf2578b7f21fb129b666facde27a384715a
GET /res/69198285/img/yhph13.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 7227
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8087
etag: "d5429c1a55540902cf9b395fea83744a"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:31 GMT
x-guploader-uploadid: ADPycdvR26f_Kw2H6p6Bae91gwQ3xwljMyxH52fNCnjcTbs6JqXRMuJc_PH2UaL4thW8QxGRhM4r7yLqbGJ1rXv9CTjs48RGASXo
x-goog-generation: 1679462911939136
x-goog-hash: crc32c=pzWGEg==, md5=1UKcGlVUCQLPmzlf6oN0Sg==
x-goog-meta-x-goog-reserved-source-generation: 1679424700827183
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8087
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1WnqS8U4X1gmGQh6O12z%2Fvh9CrKofDcaapEXjvMwyMfXxgwyZwaxjLgoKWeqJsCWgTc0Y60g%2F73VLq2UQQvzWdpgAOWOJKs12Npej%2FBYceUG2m7ClVsmSQa3B9%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c5999f8b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph19.jpg
172.66.40.168200 OK 9.2 kB URL HTTP/2 r.img.social/res/69198285/img/yhph19.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash 8280c42ee471dc9b2565e1f941ed538b
147da09af88a6b3692d56b03ec97a681357cc33d
bf3b681c8511ac32b171f22b897888cf3e245f70f60b938b72b9b0d0326153dc
GET /res/69198285/img/yhph19.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 9210
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10100
etag: "ed5208abdf722c3c2c09f086c9f7fb73"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:35 GMT
x-guploader-uploadid: ADPycduqOCKdHEIi6nQ0eJNh7PWdri87bX_eBglm2YWdt1zn90AQaNsNxhQmc4-7gKSGCLa1WUpax9VYa1W3HsK8c1oqsg
x-goog-generation: 1679462915630497
x-goog-hash: crc32c=XYMTnQ==, md5=7VIIq99yLDwsCfCGyff7cw==
x-goog-meta-x-goog-reserved-source-generation: 1679424703852512
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10100
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dGMlJLrxYv7%2FtM8%2F9dp1O5gsV%2FdnAUrGkfgHU2BHA9Oplg0OYhcSvBGr1UaajOK67SdsH8CZ0C0%2BRj6CZURp1d5aT61K02CoLoIEEW9MaC%2BHAHhk%2Fu1aRJKbmhgMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59aa07b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph16.jpg
172.66.40.168200 OK 9.7 kB URL HTTP/2 r.img.social/res/69198285/img/yhph16.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash 422965fa08c4c27f4276f579853ca2a5
4da8fe3793968382a7fc275c4d8c854fd9de858e
60f2b2d3e410f3bbfdf7873bff94e55a321497285deb5fc79bce95e328af111d
GET /res/69198285/img/yhph16.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 9725
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10512
etag: "100acd25ecb686266228c88ac237cb35"
expires: Sun, 26 Mar 2023 00:40:57 GMT
last-modified: Wed, 22 Mar 2023 05:28:31 GMT
x-guploader-uploadid: ADPycdv7FCytuKYK7s_KLb4NRPCbzF5Xr9_nXorHtkuCA05GRpwKfQoI_b15CikhoIR1JIRXdVksURRS0-FV-igMuW-uSQ
x-goog-generation: 1679462911832354
x-goog-hash: crc32c=nFoeLg==, md5=EArNJey2hiZiKMiKwjfLNQ==
x-goog-meta-x-goog-reserved-source-generation: 1679424702377293
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10512
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhxC0MQiAazOTR9ZM2ZP%2FrWbeikbOEi4vvM6bp%2F5rIJD01ZyRA27B%2B8%2FkYYgYKfldhnWYnH5vpEgxkzk1FJOgwEyO86jLePDN3zlSS3HvHPiX7hu4M0yDKGYlazd0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59aa01b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph17.jpg
172.66.40.168200 OK 12 kB URL HTTP/2 r.img.social/res/69198285/img/yhph17.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash d236fe2cc932bc07dc9927c603d5cf79
de20fc3a314d0dac05ee504b0401db39071d7a87
1b362dd87a4e4c299e519bdd4d3d4322844567b32b5bef899231f5a1a51ff6c8
GET /res/69198285/img/yhph17.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 11521
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12516
etag: "c995f3ae46885ff5c367e1ee400476a5"
expires: Sun, 26 Mar 2023 01:07:33 GMT
last-modified: Wed, 22 Mar 2023 05:28:34 GMT
x-guploader-uploadid: ADPycdt8stXjRKjmd67jWgZJAgYaqYdGHDkWtAR5d_4myrdrh0EK8EsXE1x_xjbsCEySkbHFmGOB_Y8svTI-48wnY5THHA
x-goog-generation: 1679462914357127
x-goog-hash: crc32c=6lJ2dg==, md5=yZXzrkaIX/XDZ+HuQAR2pQ==
x-goog-meta-x-goog-reserved-source-generation: 1679424703275983
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12516
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpZdOnKN3%2FHdlppWDs8Vvwyj8zt0aUv1JKKaRQJtHoPwvirCu1bmyQeMhFAfKavLlGnX9eM3UrIFDkU1FRvrNaCcvUJgwrce7Y70zZNQ5Ht50AV0g75v5DrMPXbunA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59aa02b51d-OSL
X-Firefox-Spdy: h2
r.img.social/res/69198285/css/style.css
172.66.40.168200 OK 14 kB URL HTTP/2 r.img.social/res/69198285/css/style.css
IP 172.66.40.168:0
File type ASCII text, with CRLF line terminators
Hash 3c79da4dba39c397bc4537c4d304249a
bc602ffa7b34ec3b8a894909ecad9a1b7f622df6
a1412031db213791522427b850989b09947b236c017b42a36173778bd5a4fbb0
GET /res/69198285/css/style.css HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: text/css
x-guploader-uploadid: ADPycdsij2E2rGjs1OYBZnwVxJA_SdzdoXfOdtXCSh5XqMCvHRMghEFCxRVk_QIpvfWNZ47Ps6PN5MSCErsUCDKqc4n17g
expires: Sun, 26 Mar 2023 01:07:18 GMT
cache-control: public, max-age=14400
last-modified: Wed, 22 Mar 2023 05:28:34 GMT
etag: W/"0703e73028885e8120f970209b7933fe"
x-goog-generation: 1679462914631019
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 36809
x-goog-meta-x-goog-reserved-source-generation: 1679424704924864
x-goog-hash: crc32c=vzoTxQ==, md5=BwPnMCiIXoEg+XAgm3kz/g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGrKFMLP6pHaPxWcPvqu5iK1Sefvsp1%2BqDLsjQTATxVVlsw006jXPEN%2F16pwPvEJRo4YUIqthz8Fos6TmSNR6%2FBwognnJeXp6KiD9QLSPFKLdaAr4RIxZdVUBUi8EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59197ab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r.img.social/res/69198285/img/yhph18.jpg
172.66.40.168200 OK 9.6 kB URL HTTP/2 r.img.social/res/69198285/img/yhph18.jpg
IP 172.66.40.168:0
File type JPEG image data, progressive, precision 8, 290x300, components 3\012- data
Hash f8b4beb7e2742d68027c681bc9a82ddf
f49edc62973200cb93402ad1e60024e7ac22e765
db3ed767b764cfe8475e82c11e8aa1b323244acb2c418fa9219754c9c038217a
GET /res/69198285/img/yhph18.jpg HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:45 GMT
content-type: image/jpeg
content-length: 9571
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10374
etag: "ae66d936eaf5c7ba5e7906bc09125750"
expires: Sun, 26 Mar 2023 01:24:38 GMT
last-modified: Wed, 22 Mar 2023 05:28:35 GMT
x-guploader-uploadid: ADPycdtjjMwOa8kXqOFR1QOSk6khuHdgyXQatM3Q7Md1DO0H-X7DyLIZcMs5T48vpoyAkywXMeOq13Aimhpl8D9E62X_qw
x-goog-generation: 1679462915829031
x-goog-hash: crc32c=8gc9Qg==, md5=rmbZNur1x7peeQa8CRJXUA==
x-goog-meta-x-goog-reserved-source-generation: 1679424703405419
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10374
cf-cache-status: HIT
age: 487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqHxqAq3CtI3blY%2BMcWZkUURvLD8%2Bq9sKyHZWP1rmcyzQZ2iovkDd4366isDr1MF8dYMXlHRddVSA1gV9A8v2Ep8k6toCCz5XRk12JmljjLwwHLLLbixWlyd11H2Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c59aa06b51d-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.130.133:0
Hash 1aaa5f147a73fb1dba2511fb2103d330
21189f3e55edbc21ad0d29934e6c6855bde6f39e
96888ab2baf289288c60734addef3739f366da46c856bad02746a99e2e9e1ee1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 29 Mar 2023 23:47:21 GMT
ETag: "21189f3e55edbc21ad0d29934e6c6855bde6f39e"
Last-Modified: Sat, 25 Mar 2023 23:47:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 26 Mar 2023 00:32:46 GMT
Age: 2664
X-Served-By: cache-qpg1274-QPG, cache-bma1679-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 112, 1
X-Timer: S1679790766.081249,VS0,VE1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4830
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sun, 26 Mar 2023 00:32:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4830
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sun, 26 Mar 2023 00:32:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4830
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sun, 26 Mar 2023 00:32:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4830
Expires: Sun, 26 Mar 2023 01:53:16 GMT
Date: Sun, 26 Mar 2023 00:32:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb1e74ca-70b3-444b-a861-5272d79b4b54.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb1e74ca-70b3-444b-a861-5272d79b4b54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c20e353b556352fe8cac572c1a521a
8a398c883e28f78bbcc77561b19d21723184e5ef
50609077420d3540ba2a4eae74a28389384fc4acb085f0c04a9ec2d28b32569e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb1e74ca-70b3-444b-a861-5272d79b4b54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12879
x-amzn-requestid: 50831082-faf7-4213-9a38-35722e395f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smGOzIAMFdDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-2dfea10b0cbe3e3e62f4e9c5;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Vq8840kkTD_41lk9KsOVX-TWpiSFTT7NlhWmw_DDJ7ry3aP_rbPg6g==
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "8a398c883e28f78bbcc77561b19d21723184e5ef"
content-type: image/jpeg
age: 10539
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:35:57 GMT
age: 68209
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 908bd7a6c220345e72fa664f871424c4
61a5d3f11e85d5fd77192701c305cb8651aa6395
9531f5b25cab1030aa579aa9f3b369ecb9daf0b929573897c6516520c06084a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11100
x-amzn-requestid: 3021b51a-674d-45d7-9939-9257330c0dbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hQFs1oAMFb0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-0200a29207f6a3f5074c3cf1;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: NWvCK-Z608BCGDZIvuqVJ2wBQxwRoRmfjnxeDEcvzHZ7877go8IpRw==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:22 GMT
etag: "61a5d3f11e85d5fd77192701c305cb8651aa6395"
content-type: image/jpeg
age: 10524
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b21b2c60279839939b60afd83d047fa
544c243fe2d69156f50eec156a62de127128a028
091a59214cfc0af90b4cb820bb521577ae63e862ec10160b8f64c9a9e593630d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7823
x-amzn-requestid: c528eae7-69b4-4669-8c15-2b306586b84b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHx5IAMFlEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-340c77491ea4440b340e3822;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 2uV186j4t31jcyYDdXxsw5YgM6P5nCbzmgXWvG-pVSpvsjXz6Fsp0A==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:19 GMT
etag: "544c243fe2d69156f50eec156a62de127128a028"
content-type: image/jpeg
age: 10527
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:21 GMT
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
age: 10525
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffef80630953d486de654abbb5d40ccd
06323c322ac667e3388bba406222121607eb804a
b853a741069e96d8430d766bb1422e50488622729bd069e29b8839ddc5743822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6566
x-amzn-requestid: 0a9abca1-24c3-4adf-8509-f8ebcab1c24d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smEZFIAMFyFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-6ce8a53e779d724a11af3531;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ibxm5Q-obzgZHNavKjqxgcgY9ePeF9PTC8wPzjE8fERmyVxaxnahKQ==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "06323c322ac667e3388bba406222121607eb804a"
content-type: image/jpeg
age: 10539
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?42edbeb9539d4016f8c4fd883f776e7d
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?42edbeb9539d4016f8c4fd883f776e7d
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (615)
Hash 7bab3898bc3f3e2f38b65d61971c4513
7066689b5c980bfcef13f3e5b204817d88bf7d79
b17cf7fad5764761d5deee5b0d857d67cb6fb4617bca110da5b25f581eac715a
GET /hm.js?42edbeb9539d4016f8c4fd883f776e7d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11253
Content-Type: application/javascript
Date: Sun, 26 Mar 2023 00:32:46 GMT
Etag: 7b2e620bcf7cbadf502cb460716d8bb6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C12E668465155878; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1327444643&si=42edbeb9539d4016f8c4fd883f776e7d&v=1.3.0&lv=1&sn=63197&r=0&ww=1280&u=https%3A%2F%2Fsweepstakeswinner.buzz%2F404
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1327444643&si=42edbeb9539d4016f8c4fd883f776e7d&v=1.3.0&lv=1&sn=63197&r=0&ww=1280&u=https%3A%2F%2Fsweepstakeswinner.buzz%2F404
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1327444643&si=42edbeb9539d4016f8c4fd883f776e7d&v=1.3.0&lv=1&sn=63197&r=0&ww=1280&u=https%3A%2F%2Fsweepstakeswinner.buzz%2F404 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 26 Mar 2023 00:32:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5D9DDCF542AAAEEC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r.img.social/res/base64.min.js
172.66.40.168200 OK 0 B URL HTTP/2 r.img.social/res/base64.min.js
IP 172.66.40.168:0
GET /res/base64.min.js HTTP/1.1
Host: r.img.social
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepstakeswinner.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 26 Mar 2023 00:32:44 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduGKoPOOn85wO5E-EXy7YDVBpgvLnN0VjvMWV8L4y1Kf0qC2jVlLJD9PpkADW0umCLpIJYajWCISB4ZFr4SEmWiGJDjL4Gk
x-goog-generation: 1679462912334833
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4770
x-goog-meta-x-goog-reserved-source-generation: 1679424571607673
x-goog-meta-goog-reserved-file-mtime: 1679671350
x-goog-hash: crc32c=1SjhAA==, md5=1GRUiJax9HF8yMeEDZKEAA==
x-goog-storage-class: STANDARD
expires: Sun, 26 Mar 2023 01:24:38 GMT
cache-control: public, max-age=14400
age: 486
last-modified: Wed, 22 Mar 2023 05:28:32 GMT
etag: W/"d464548896b1f4717cc8c7840d928400"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98sPxkUNv%2Fwv46cxsoIYf0GXK3Y%2BR61YvKR450FbBJg%2Bvew2Rz0sKeWYU0%2Fh3SHHu83HK%2BikeOuBsA2h5v9ce9Jn3ROkNI49vj3n14duUeL1P%2FW6zX2mvS0ikNVYeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7adb4c591979b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2