GET /engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5 HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
217.69.14.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Sun, 27 Nov 2022 16:01:18 GMT
Content-Length: 966
Connection: keep-alive
Location: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2399
Expires: Sun, 27 Nov 2022 16:41:18 GMT
Date: Sun, 27 Nov 2022 16:01:19 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6212
Cache-Control: max-age=159206
Date: Sun, 27 Nov 2022 16:01:19 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:14:45 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2273
Expires: Sun, 27 Nov 2022 16:39:12 GMT
Date: Sun, 27 Nov 2022 16:01:19 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: Rmxwh1+uRo5w/tG//v/MYoMnahOGbOeAV6S0tABlmSRMbk5fq93miDFlJQIxjIYrj0Mtm3VhxcY=
x-amz-request-id: NE6147Z0KHW4515J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 15:44:41 GMT
age: 998
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 15:17:40 GMT
cache-control: public,max-age=3600
age: 2619
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /engaff2/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/png
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 449
last-modified: Wed, 23 Nov 2022 03:41:08 GMT
etag: "1c1-5ee1b0f1a8c3b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 32496
last-modified: Wed, 23 Nov 2022 03:41:09 GMT
etag: "7ef0-5ee1b0f250bbd"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/png
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 35519
last-modified: Wed, 23 Nov 2022 03:41:13 GMT
etag: "8abf-5ee1b0f68db2c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/gif
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 5083
last-modified: Wed, 23 Nov 2022 03:41:08 GMT
etag: "13db-5ee1b0f1a5d5b"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 03:41:00 GMT
etag: W/"21-5ee1b0ea74082"
content-encoding: br
X-Firefox-Spdy: h2
|
GET /engaff2/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 03:41:06 GMT
etag: W/"da7-5ee1b0ef531b3"
content-encoding: br
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/male/3@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 2518
last-modified: Wed, 23 Nov 2022 03:41:25 GMT
etag: "9d6-5ee1b1019acf3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/male/10@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 2302
last-modified: Wed, 23 Nov 2022 03:41:24 GMT
etag: "8fe-5ee1b100ec010"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/female/6@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 2766
last-modified: Wed, 23 Nov 2022 03:41:20 GMT
etag: "ace-5ee1b0fd79304"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/male/9@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 3146
last-modified: Wed, 23 Nov 2022 03:41:25 GMT
etag: "c4a-5ee1b1019acf3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 23152
last-modified: Wed, 23 Nov 2022 03:41:13 GMT
etag: "5a70-5ee1b0f68db2c"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/female/5@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 1960
last-modified: Wed, 23 Nov 2022 03:41:20 GMT
etag: "7a8-5ee1b0fd531a4"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/female/1@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 2781
last-modified: Wed, 23 Nov 2022 03:41:19 GMT
etag: "add-5ee1b0fc0ee1f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /engaff2/img/profiles/african/male/2@0.25x.jpg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 2053
last-modified: Wed, 23 Nov 2022 03:41:24 GMT
etag: "805-5ee1b100ecfb0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 15:11:12 GMT
cache-control: public,max-age=3600
age: 3007
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /js/pub.min.js HTTP/1.1
Host: push.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
|
67.212.184.146
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Mon, 28 Nov 2022 16:01:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1366
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 16:01:20 GMT
Last-Modified: Sun, 27 Nov 2022 15:38:34 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
GET /sw.js HTTP/1.1
Host: push.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
|
67.212.184.146
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 27 Nov 2022 16:01:20 GMT
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2
|
GET /engaff2/img/fb-like.svg HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 03:41:01 GMT
etag: W/"1213-5ee1b0eb1b064"
content-encoding: br
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 16:01:21 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 16:01:21 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 16:01:21 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17647
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 16:01:21 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 65384
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 51273
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 65380
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6954
x-amzn-requestid: 94a02687-72f2-4796-a7ea-d3f28b412566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jHpGBVIAMFsSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787efd-22666b18283ae59b1348bf47;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: feZayJeKq9jWHQ-rjutNr6buIjLVeIdY0A_ZeGo6NKgoQ6BBT3XQaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:55:33 GMT
age: 25548
etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 65473
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GT3Futv4Ztnl2Og2TQFk5311m92Mv_jfvkIZYJXpjJMdkxSB6MI06g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 06:42:16 GMT
age: 33545
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /engaff2/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 03:41:18 GMT
etag: W/"24ab5-5ee1b0fb0159c"
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5 HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
217.69.14.8
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Thu, 24 Nov 2022 17:21:45 GMT
etag: W/"2eda-5ee3aa3ba2b1e"
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /sw.js?v=1669564879590 HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Thu, 24 Nov 2022 17:34:16 GMT
etag: W/"39-5ee3ad0712ba3"
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /engaff2/js/app.js?id=0601d5f2aaa1656cef1f HTTP/1.1
Host: 65.winprizes265.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://65.winprizes265.monster/engaff2/ngaff2022n4.html?city=Mountain%20View&model=Pixel%204&brand=Google&cep=g60EkcynxSWy3K0AC5PCPBzlGY1FpYC8gRw9C_kuznWH2jcAh0-Ji0dheXQ7rh0DmmkGIu84ImEHOXJe8Wo4B1ebkRvY5a4dN9lWe3bUHp9Vfk6CyTdIXCLvt9_BXWvg8l5UZYua2zJute7cjjJ9VBBlASSFBOGEIEgRtkO9emdkP8SHwckC9azlgqGJ4CTprrDEy-CEAApDh3x3TFva6dtQ_gW1pBmTl0ZWEaGlt7CpqJUjzGUdSyN6WMJdyZhAf5u47Yh-Zkog3ng5ycg4SpS8BBy65D1crDnfUkH7LiEa7Xx5Sel6YdW4Xa-hRchtyd0sx5OaUn_mL13zjhE6IXaLJ_ORYZtNDdfUG6AVHbF9UO2SrQ96-hQaUDWRA_9tmncVP0TJHDhtfX8PHN1NdlwAHuJ7U1uXgkoLYqQBZxw&lptoken=16df69305620668068f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
217.69.14.8
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 27 Nov 2022 16:01:19 GMT
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 03:41:04 GMT
etag: W/"3d1-5ee1b0ed6dc0c"
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|