myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
200 OK 4.6 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2002)
Hash 36c4ed2574c56bda428afa14fdd50052
fb33aacb0ce7e01217b3a9c7ee555eb058a898e9
d39b329c166a71890a9c7b1bae2528f0ffa8b724cdc0d4a7c9961bd7ed946bca
GET /1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1 HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 22 Jan 2023 02:00:24 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: W/"c6b9706f45479046ae1c3e5d34589863"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jKUxU0AcM6Sn2nFaZqpCy9bJP854hwC3d4WRlwgtWR7Rob20B0DYDA==
Age: 52798
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15905
Expires: Sun, 22 Jan 2023 21:05:26 GMT
Date: Sun, 22 Jan 2023 16:40:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15129
Expires: Sun, 22 Jan 2023 20:52:30 GMT
Date: Sun, 22 Jan 2023 16:40:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10837
Expires: Sun, 22 Jan 2023 19:40:58 GMT
Date: Sun, 22 Jan 2023 16:40:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 16:34:51 GMT
content-type: application/json
age: 330
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4pFAXXZ87QHSBr4XxRsyTRxunliBPhJb1Ptg9CmhOIwySm95PlnsmY1s4LtYD6fJUYmUMa9pkUQ=
x-amz-request-id: PVQMH07BF3EY78B3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 15:47:20 GMT
age: 3181
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
myonlygift.xyz/1/prizewheel/cash/npcash/css/app.css?id=c588c17324f2be0e0ec9
200 OK 33 B URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/css/app.css?id=c588c17324f2be0e0ec9
IP
File type ASCII text, with no line terminators
Hash c588c17324f2be0e0ec90a18f39e7d7c
69d360eddd15f527aac7f7e610346517732b7770
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/cash/npcash/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 33
Connection: keep-alive
Date: Sun, 22 Jan 2023 10:07:14 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:09 GMT
ETag: "c588c17324f2be0e0ec90a18f39e7d7c"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: w16DOBNpamwibL9QU3hKjf5UlwOE47iNXlnfyujprQl8ta8uenJvNQ==
Age: 23588
myonlygift.xyz/1/prizewheel/cash/npcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
200 OK 1.1 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
IP
File type ASCII text, with very long lines (3495), with no line terminators
Hash ba8a1435ff223b2909706f678310def7
6d945ed87239f4b1544ee080873e3aacd70ac653
cafe68f02f3d4331a25a26a8419497011c8d18b583064f9ad7eacc167a5f5081
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/cash/npcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 22 Jan 2023 02:08:27 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:09 GMT
ETag: W/"cd41123a11e97e0f2444b57d180631a0"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1gi9WQwBxAmVG_kG1yYQB8KAS1hLvcG0eIhOs3RDDLDykHiPOgRFnw==
Age: 52315
myonlygift.xyz/1/prizewheel/cash/npcash/img/prizes/iphone-12-pro-max/default@0.5x.png
200 OK 20 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/prizes/iphone-12-pro-max/default@0.5x.png
IP
File type PNG image data, 250 x 179, 8-bit colormap, non-interlaced\012- data
Hash 66674929adafe41da52ec5a34e998089
048f0a57e6d2cc1cd81c15a8365997dd0dc9bf5a
c8fd5fd5117beb2946109507b7111841e9d5781cf65128dbc0d0d74270e24a83
GET /1/prizewheel/cash/npcash/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 19935
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 22 Jan 2023 12:23:01 GMT
ETag: "66674929adafe41da52ec5a34e998089"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LaUrmGfU-6btENomewmGuNt0sxDZLv7oYtZBvY4qijQNul26wjKxLw==
Age: 15441
myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/loader.gif
200 OK 5.1 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/loader.gif
IP
File type GIF image data, version 89a, 50 x 50\012- data
Hash ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
GET /1/prizewheel/cash/npcash/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 5083
Connection: keep-alive
Date: Sun, 22 Jan 2023 02:08:27 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: "ed786659a534e0d183c09a90c50abc9d"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: to2uVTKA9us80sBTpbkPQDHBs084y-_8n8VJTkR4dxVBqWzj8fF5sg==
Age: 52315
myonlygift.xyz/1/prizewheel/cash/npcash/js/app.js?id=15b1bae461854d516179
200 OK 977 B URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/js/app.js?id=15b1bae461854d516179
IP
File type ASCII text, with very long lines (977), with no line terminators
Hash 15b1bae461854d516179a34a8c9b5f08
330c1d191253fe07c5fe6b5af37872408f2e5904
1bd25e467ea078265aee433e0cf9732a7e127514304634590a2de17fb2330896
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/cash/npcash/js/app.js?id=15b1bae461854d516179 HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 977
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 22 Jan 2023 02:18:09 GMT
ETag: "15b1bae461854d516179a34a8c9b5f08"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EQjRl5RWK3KnblzMS-DxRxrV2KaoIew3kIZTdmRngkP-RCvXiWsAcw==
Age: 51733
myonlygift.xyz/1/prizewheel/cash/npcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6
200 OK 52 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6
IP
File type ASCII text, with very long lines (65475)
Hash c260ca86a6f57342b89701c8711be74c
b540cd0480bd7ca9de39b7ccb9a930952fc08d32
44487e51ae4094a16d32fbbabb4a7537d370792aa5401d05c8af45ad8bd2178c
GET /1/prizewheel/cash/npcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6 HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 22 Jan 2023 00:51:52 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: W/"cdf97653c213f02233f50a1ec975633c"
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q-zgB2uf9Z7_aU9SfsSuJsFjD7yPsMhdyVUeGN1XcPcua9EMCaF_-A==
Age: 56910
myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg
200 OK 32 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Hash d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
GET /1/prizewheel/cash/npcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 32496
Connection: keep-alive
Date: Sun, 22 Jan 2023 04:11:52 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: "d4655cba21d806e849eed4e4119fbe1a"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O3ujLCS6MER_YtP2GzF3qXhWW5Gu2UWMEAR6irvGWYU_MkIHd-teWw==
Age: 44910
myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/notification.png
200 OK 449 B URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/notification.png
IP
File type PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Hash bd5203f2cc9e7a9125e4575e029541b0
9fa565ab2f4b55da4735b79e529562252b3c9afe
db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
GET /1/prizewheel/cash/npcash/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 449
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 22 Jan 2023 05:18:17 GMT
ETag: "bd5203f2cc9e7a9125e4575e029541b0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fIej3t1c1_f6lD3XMwhXGY0KVn13_D93UUZpAB8aPmd_0Ri1NzZelQ==
Age: 40925
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 16:40:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/prizewheel_static.png
200 OK 3.4 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/landers/prizewheel-fb/prizewheel_static.png
IP
File type PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Hash dc484e0043b5ff6191b1880c8779863c
a5b67e3dff3dea3940eed090431aecbb36611b1d
30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
GET /1/prizewheel/cash/npcash/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3370
Connection: keep-alive
Date: Sun, 22 Jan 2023 02:08:27 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: "dc484e0043b5ff6191b1880c8779863c"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QyIGXZruIFWrugYN-kyuUbOeTkgT2tavhEsSuQaruR_Hvdqb_RvNgw==
Age: 52315
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/10@0.25x.jpg
200 OK 3.4 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/10@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash d9a8df3e21aba705922061a07fabdbf1
748584e3c7c4e7f7f025ce4155644c32691cb5ba
ff80ac3bc5088101cb352d27ed48a576fa3e12832b0f2166dbe6dbf39a60b51a
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/male/10@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3446
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 22 Jan 2023 12:23:02 GMT
ETag: "d9a8df3e21aba705922061a07fabdbf1"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: teA21CIwpYbv72it8wGm1mCiVKXRvo_zFKLtmgZWn74rWE524GVBWA==
Age: 15440
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/6@0.25x.jpg
200 OK 3.0 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/6@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash 0a2602e52bf858f58f7055d2d767c197
8536f15ffd401c61a976434953360cfc29ffb47e
46a818cc00663ce201b8fad257181de21d0200d47aefe6ec7b97123aacf6c3d5
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/female/6@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3020
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 21 Jan 2023 22:09:20 GMT
ETag: "0a2602e52bf858f58f7055d2d767c197"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IRwbqrD066SWojnqm1GvWxgw410pbLNDxQ17zbegi5md1xtkBjGgMQ==
Age: 66662
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/9@0.25x.jpg
200 OK 3.5 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/9@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash e752003f7fd0dd89677e743dd77f980d
1b0454ff2be96603c38f177537bff8712935def4
c1b0af1a82b85d851c7ede45f2b1cb711583d061917dc47f94ce75c9273ddef8
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/male/9@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3516
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 21 Jan 2023 22:09:20 GMT
ETag: "e752003f7fd0dd89677e743dd77f980d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q_JHXVLYdH98_X_e5V4mGGLUwokz0tRsl6mo1VPGT-ZvTLw_MtNYUA==
Age: 66662
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/1@0.25x.jpg
200 OK 3.3 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/1@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash fb5fe39b137ae3031317cd6973fda68b
46922080e7e0557afcac22c64f9d55af2e730c86
7b9690cdd4e0cb04183d9bafd406fbc87e6c81046c776d59ba2dd7e9ceae947f
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/female/1@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 3339
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 22 Jan 2023 12:23:02 GMT
ETag: "fb5fe39b137ae3031317cd6973fda68b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jd_LvYq2fQ7s_g91CXiarQQag_PsPbYsiy5mh_niZIyE7quyI5-9CA==
Age: 15440
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/5@0.25x.jpg
200 OK 2.3 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/5@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash 98bcd4e6223fb41f34f9d20f3fed86d2
04ffc7d79511b8380a2f1606345cbcdd8fd63ef3
c021ea995f3ac999b04162cfd703f99cc7ab38ca8c6495287610fc945e21ed25
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/female/5@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2318
Connection: keep-alive
Date: Sun, 22 Jan 2023 02:08:27 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: "98bcd4e6223fb41f34f9d20f3fed86d2"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q-S2JY5vdzzqRX8RPpmMfyJl5EUh-W_sWe73HVb_zIE2WqXVGpCykQ==
Age: 52315
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/2@0.25x.jpg
200 OK 2.8 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/2@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash 3a03d0953111d0bab8bb000d914ae9f5
935bac7ce117c9fe16a6a6a44c4b83dc442d0a39
810516dd8de28de198b9005d8c3a19f61841a18655046fdce8aea22ce0ba2950
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/male/2@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2800
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 21 Jan 2023 22:09:20 GMT
ETag: "3a03d0953111d0bab8bb000d914ae9f5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7ERbDWP5cmF1I0irkLQvGi0SAZ1_GNC0m8WYAPLg1JWsL7mxsn9U8w==
Age: 66662
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/3@0.25x.jpg
200 OK 2.5 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/female/3@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash 719db1f4103dae5cdce3f5e515b6f8d0
b66fb13eb815275dc542df93a43ec25871bfe86c
b6f5528c58b4e3dfa5fd5bbddbca64dc2014364337e4f6c7c9c4036d1788de6f
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/female/3@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2454
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 22 Jan 2023 05:57:00 GMT
ETag: "719db1f4103dae5cdce3f5e515b6f8d0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wcHK3uMwPrC6mtu_d_1_GUtiOfKftfpgdyrNwyH-gCMWP7kSunISmw==
Age: 38602
myonlygift.xyz/1/prizewheel/cash/npcash/img/fb-like.svg
200 OK 2.1 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/fb-like.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4627), with no line terminators
Hash 94b11e2fd7883923dbe24695ef22cad4
2d32fc2891e8c0ee4edc9f18e147b7d6bf403e61
8477ac97cdbc3b07770b2a618ac05965e6dd60c6fa01cfbf2e6b66e6d173726c
Analyzer Verdict Alert fortinet Phishing
GET /1/prizewheel/cash/npcash/img/fb-like.svg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 Jan 2023 15:55:09 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 09:02:00 GMT
ETag: W/"765203989756e91925e8f947e660b644"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vqvBPxxtXRpZaE5w3_SseEBf94XrP_afdHCcz6Eu1WWv9oadxqLgoA==
Age: 27502
desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js
200 OK 14 kB URL HTTP/1.1 desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js
IP
File type C source, ASCII text, with very long lines (39559), with no line terminators
Hash 710afc5f904ea87801da7e4974cf1979
8e8351827329a8671b337441784391195dc27c4f
24e7227f0bed8ca17bcc0a344c550167c34016d0160111bfff4136b570f82ca8
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 16:40:21 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Dec 2022 12:58:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63a302ea-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/3@0.25x.jpg
200 OK 2.8 kB URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/profiles/south-asian/male/3@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 128x128, components 3\012- data
Hash e0e1c71521e196029de3a477f55555b4
9c63de173f03a5164b5741ff40a5aeaec7f73faa
f93563cee3c44cfbab3d4750427af8f1aa7318ecc7d15e51cdb5e621108e77d8
GET /1/prizewheel/cash/npcash/img/profiles/south-asian/male/3@0.25x.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2805
Connection: keep-alive
Date: Sun, 22 Jan 2023 16:40:22 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: "e0e1c71521e196029de3a477f55555b4"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hYTt5Nvm_xA-OU5ZYLpHYT7FMXs-4p3kgEuXWDHRel8luCl6zL5fvQ==
myonlygift.xyz/1/prizewheel/cash/npcash/img/prizes/iphone-12-pro-max/proof.jpg
200 OK 329 B URL HTTP/1.1 myonlygift.xyz/1/prizewheel/cash/npcash/img/prizes/iphone-12-pro-max/proof.jpg
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /1/prizewheel/cash/npcash/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: myonlygift.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myonlygift.xyz/1/prizewheel/cash/npcash/index.html?brand=Desktop&domain=clickwinner.icu&cep=GvtIOFwv5ITzyWGnakMYKlZ1JaPkv7WVjZotfSBNCZEp_hzSE6zON0jYRQU_f6CnBAky1--paBCL5ai7hG9Hwnb2vGtWqcNmGGKpRcK2c52ae-NA_vj_wLNSzP8N1e9g7JsQ649XYE2CmG0dA_DN-0mpS3yX5EZ1S9ycTpkuBduViK5vlxj14H9R6lS8yWFkc-QWMtDczYiVrnNTvA0n8ppkUgBJhExiOSiLUeQ2RWqPMV2SE9ZpzJyo-zMl6XfIBoFK02EcFcFfr-aKglKPkXT3HVLLTzsJYSrOZWlFcl-mWv1he2EMd0sTOTxiVu4MdTUpeUcu-OtupcvBm0DjxDOrc9zd_7F174pAWznCCcAariI3jA-105MyNFc74egu&lptoken=167f745a401874f201b1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 487056
Connection: keep-alive
Date: Sun, 22 Jan 2023 02:08:27 GMT
Last-Modified: Mon, 16 Jan 2023 15:55:10 GMT
ETag: "ea0ebe83f3c0cb7082846bc987c9a69e"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CT1AqsQQaG5E68FPszVQW8bqW8hCX9abCceCmpfCV0go2ECQ88uKsA==
Age: 52315
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3323
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 16:40:22 GMT
Last-Modified: Sun, 22 Jan 2023 15:44:59 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: My/QT33KMVEC20WGpa8CTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ff5h/vag+O0nd3s8ObX0J7p/Xh0=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6017
Expires: Sun, 22 Jan 2023 18:20:41 GMT
Date: Sun, 22 Jan 2023 16:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6017
Expires: Sun, 22 Jan 2023 18:20:41 GMT
Date: Sun, 22 Jan 2023 16:40:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6017
Expires: Sun, 22 Jan 2023 18:20:41 GMT
Date: Sun, 22 Jan 2023 16:40:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b7dac109bc648666356225a0d21ed17
f07e82cffe064c296cb1b2c80f7b09feb7552bbe
cc8997d71cd85021addccb0f6a0f00edf95f9747333ff0a436581db4ede78f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612dbd3f-3cd3-44bd-8729-b4d4aa118f87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6102
x-amzn-requestid: 256e7b90-3052-41f7-abcf-43c455a2ee7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFfEZtIAMFWhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d56-3237bb0a1f86766b5eb86e82;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PcHoBpKnLZj86KR261shofMwYYOoYLkwFHLgXS4ICo5jaySNb3f8_Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:00:49 GMT
age: 67175
etag: "f07e82cffe064c296cb1b2c80f7b09feb7552bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tYwSI7_1wwDixmup43f8j54sJ541GjyzB2rboENRXfSpuwPKImlNjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 01:38:03 GMT
age: 54141
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ec85cf23f6ed6a70e62e17998dfcede
2a690f14cf97f33da2c4f4b21c737a7ca37665b4
ae3cedd8f51f9ed2d996f1d75e7288802d68fa3c27d928934311e4d8821940cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 86dec496-ff1b-4db8-9bcb-12275f6feeb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBGiOIAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-16c24501673bc2161c1e8a3b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GQ2E2QJ9WGrRFcbmucLjzAwgimtD8ndEVR5vyT9LDLJUW6IbxCwemw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:55:39 GMT
age: 67485
etag: "2a690f14cf97f33da2c4f4b21c737a7ca37665b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pu5h9aerRhgCkbAszYjgiRrblEiomyl7ev5WRmdAjQSTQNgSqczG0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:15 GMT
age: 67329
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2bxIP5fBGoswPsQAvhRGhNlrHNQtiCpgWFr_S3fjQuyEXPW8amllzw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:50 GMT
age: 67294
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bvxndyaEjWVBvL2nJxC78dz74Pd-mf2NwURh-C-y548P9KfPZiWaZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:54:17 GMT
age: 67567
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
54.230.111.69
139.45.197.250
23.36.77.32