r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18837
Expires: Fri, 23 Sep 2022 02:09:07 GMT
Date: Thu, 22 Sep 2022 20:55:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 20:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wsG3431Y8zJXtsooefaaYIxQ0OjJ9Ye8ONx_RXCPiVqRKVmBpSiBJg==
Age: 2468
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V-aAiQeR98D21sX2_3scgfg9Q2CXZFCVXgOYuOVX0ZCSvCTSUjjILw==
age: 58796
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 20:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 20:17:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R3HFgNzYVvaM1YvTxLSuvcFjn_tmPmfVBERhOs9uJKgVeG0VhB4hng==
Age: 3108
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6470
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:10 GMT
Last-Modified: Thu, 22 Sep 2022 19:07:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.242.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HAhnjVtaCCogqK24vZtaxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: se7/JoZOl8V4CSjt4IQQdZptmus=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4701
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 20:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4701
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 20:55:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u2ObvTaTM2JREJRnWVxEdqPXYFWTdrtlqLLbHugcsNbENjZq63rKVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:24:06 GMT
age: 19866
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 83206
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 83205
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 84063
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2795c07b-89a5-463f-b878-f9fc1516ca2c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2795c07b-89a5-463f-b878-f9fc1516ca2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83b8fc3c907a9376f388cdd41eb30de3
227691093684ffbda302b03e47a2da98d7223080
c44a8ab222a9bfb2d9d3f3d5b77518677ce71267176687ed83c582a0a90b2668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2795c07b-89a5-463f-b878-f9fc1516ca2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11128
x-amzn-requestid: 43c8e452-ecc3-4e55-8cde-5436e10e75f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYqRFG6ZoAMFaSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202406-757f6268476aae3976dc901a;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 06:32:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-15hB8FKj9jG2JvULOd8ioxP29DlWl5bnGdMvm7YAO1Jm0f78BScQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:03:57 GMT
age: 6675
etag: "227691093684ffbda302b03e47a2da98d7223080"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 84063
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.24.14 200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2512323
expires: Tue, 12 Sep 2023 20:55:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flJEVT7%2BqwVqu7nLztUtEAVT9NYt3DsYaD2hLCa0gkEXdDCLs7YIo1OlDYswK%2FCJfFotsjzDWMOb9CiqP6Pn7Yvby%2B9YK78XFrv%2B79yZ6TBpb%2B%2BVcmphWA2b058qL%2FYLAfiVFk7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74edf0b029b2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6035755
expires: Tue, 12 Sep 2023 20:55:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZg%2BIJwM2fKF7PNonTayyfhQqx7MKdlvD%2FLF8KO1zU6hp4%2FT9z%2Fv3AZoEH8iykVPHdZrltDidt%2Fe4l8BbOG9IuPF3Cmao7fVVYmF9FHjV6qkXKfTPM6QwxlgiQIZCs6u6fKGuxft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74edf0b02ab70afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
151.101.85.229 200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65326)
Hash 77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 20:55:12 GMT
age: 15945065
x-served-by: cache-fra19178-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
151.101.85.229 200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 151629f36761d6fb6d0e0330239884a6
ebb9c30e5565793e2767735f0647bdf26fed4ab5
53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 20:55:12 GMT
age: 13541577
x-served-by: cache-fra19179-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6124
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:12 GMT
Last-Modified: Thu, 22 Sep 2022 19:13:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
www.freegiftmobilelegends22.work.gd/static/css/imryu.css
20.189.78.99 200 OK 1.7 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/css/imryu.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text
Hash dc3d515c72435ed8e3e1b6841d5b85ed
07af65b168ab961f20d827a581fd22206c710017
9d8beb6506eb1be9587a864c3a529929d78a8c27f0b6e5499e579088b14f35d2
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/imryu.css HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: text/css
last-modified: Mon, 29 Aug 2022 17:36:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1651
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/css/animate.css
20.189.78.99 404 Not Found 1.2 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/css/animate.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/animate.css HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4737)
Hash e411ae310f378ef674f79fff0139475c
7752d91b281126841eb40ef948245f1f3247dee3
0925db13e5ecfcd6544829ac576e8b69ae349c86980559860953e4f21b3cfbdb
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET / HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freegiftmobilelegends22.work.gd/static/css/twitter.css
20.189.78.99 200 OK 480 B URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/css/twitter.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 090d8755ece1611abe9a0e2ae2c5eba7
3b2a0e6e40f108f0f987e177b7251fa40a5c371e
a8552e3c3982a644600cf2e5b11873e6c20841e15a0ca2cdae3590257e61a0a1
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/twitter.css HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: text/css
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 480
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.slim.min.js
69.16.175.10 200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65245)
Hash 63f8c134408852106835db2f928cf0e0
7ca0035d2a05154f1f93e19793b2298973cc8733
2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:55:12 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663880112.dop022.sk1.t,1663880112.cds214.sk1.hn,1663880112.cds202.sk1.c
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 82a66584a54409de933659715ea7acf1
2904c9dd2c2fd80efd000a52df056e4987e406e6
51a9eb00b12985ad6439c2674e9a74f9de368d78bacb6ce9d7bdf7630ff1fb8d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 20:55:12 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E5F0677E65048107E28CA70799920144DA4D0126"
Expires: Fri, 23 Sep 2022 08:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 416
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74edf0b13eff0b31-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2aaec9cbe28343d60597d0371f8ed16b
4456dfef025ab6be775cf3fec5afb553dbfe28d7
7e2ae8341c557e5f590cab1a3ba0d1207ad4a039729b7552b48b40dbb6fc53c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/x1P6XcsQ/Zilong.jpg
162.19.88.68 200 OK 112 kB URL HTTP/2 i.postimg.cc/x1P6XcsQ/Zilong.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 491x800, components 3\012- data
Size 112 kB (112475 bytes)
Hash bc54c820d676775bcd81234f7b751605
8d0ce0766608d6089244ebf577ae69246530a0ac
df66a08721326009f5f5be05e08d0056a38d128217ab1341ce33268451b3d1b5
GET /x1P6XcsQ/Zilong.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 112475
last-modified: Mon, 07 Feb 2022 22:49:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
216.58.207.234 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 13:30:59 GMT
expires: Fri, 22 Sep 2023 13:30:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 26653
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6124
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:12 GMT
Last-Modified: Thu, 22 Sep 2022 19:13:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
i.postimg.cc/d3c3FcM4/Valir.jpg
162.19.88.68 200 OK 37 kB URL HTTP/2 i.postimg.cc/d3c3FcM4/Valir.jpg
IP 162.19.88.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 248x408, components 3\012- data
Hash f7275a5fcbe45309b28cf1b9478b9867
fe00691f885ade4086069856308494e89fcb71cf
107f7ccbb2991e724498a2344b6296b816432e29b27be5c3702090dd5e57de7b
GET /d3c3FcM4/Valir.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 36811
last-modified: Sun, 17 Oct 2021 20:01:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/4xXpy19R/facebook.png
162.19.88.68 404 Not Found 2.7 kB URL HTTP/2 i.postimg.cc/4xXpy19R/facebook.png
IP 162.19.88.68:0
File type PNG image data, 320 x 320, 4-bit colormap, non-interlaced\012- data
Hash ff125c736fd0092c080f73bb486d9ceb
d790adffabc313b5d4b161ce4c696f4a0480f97a
4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420
GET /4xXpy19R/facebook.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/png
content-length: 2712
X-Firefox-Spdy: h2
i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
162.19.88.68 200 OK 98 kB URL HTTP/2 i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Hash 51caaa55dd8525217118bead91291ff4
c95dde7b518e1f9037d8f39034dce2878d8c416d
af1fd5ff7bbb5b2c0de54966a5ab1363d3388769115967d04ca6de276a1b0ef4
GET /Z5BNzfCg/IMG-20220608-WA0006.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 97968
last-modified: Wed, 08 Jun 2022 06:20:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
162.19.88.68 200 OK 84 kB URL HTTP/2 i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:37, GPS-Data, width=0], baseline, precision 8, 259x420, components 3\012- data
Hash 2c0b805aac8e851fa50c09d85b17b2e3
831f9ffecc963c91629ac2a9c9c2d693607b8575
981016fe4c87fadcc6272ff88a64ff983111930816aec5cb439f936c1d5287a8
GET /6Q28NpYw/IMG-20220524-181348.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 24 May 2022 11:24:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
162.19.88.68 200 OK 76 kB URL HTTP/2 i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:44, GPS-Data, width=0], baseline, precision 8, 260x422, components 3\012- data
Hash 89e965277b68daee285511ff5bfa4f85
a6d8025e96056cfc40f00d5b34dfc1fb34b90512
3d48acf1c00e69c6ff84a2b69e43fb741f22c7cc573dea1a2b35800899ff9976
GET /PJxGBPQQ/IMG-20220524-181326.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 75839
last-modified: Tue, 24 May 2022 11:25:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
162.19.88.68 200 OK 76 kB URL HTTP/2 i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:13 09:08:28, GPS-Data, width=0], baseline, precision 8, 254x416, components 3\012- data
Hash 64c708f0b35767924807decf78122ca3
efe909b3135ad2851b5d8cf43b36d268f387f15c
703d05bb4b445cc412aaa63247360c5f5be317c18ba61a2baaf940ece930e947
GET /W3vX7c5g/IMG-20220513-160904.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 75848
last-modified: Fri, 13 May 2022 12:23:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/C1BrTTZd/FanyFuni.jpg
162.19.88.68 200 OK 107 kB URL HTTP/2 i.postimg.cc/C1BrTTZd/FanyFuni.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 490x800, components 3\012- data
Size 107 kB (107076 bytes)
Hash 428b2e29a1396c1a68c3399d2c3b71fb
7e3b11b337d2e45c0595508991235e1e577b7712
8546bccaa45ec39e96d8f8e62a54cc6c3eccf179bb6cb14ec8a477632e87e460
GET /C1BrTTZd/FanyFuni.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 107076
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6p5mKm7h/1655721923429.jpg
162.19.88.68 200 OK 127 kB URL HTTP/2 i.postimg.cc/6p5mKm7h/1655721923429.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 500x800, components 3\012- data
Size 127 kB (127065 bytes)
Hash 021b91e3be1eace2e2618433748bb88d
b8a1ace010d96c063148725ca2f849faa512a5f4
932a81f4a7e27849aa47403afdac2911b6446c102134150433933c970a6c9f51
GET /6p5mKm7h/1655721923429.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 127065
last-modified: Mon, 20 Jun 2022 10:50:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/MGr3FKph/Laylaaa.jpg
162.19.88.68 200 OK 110 kB URL HTTP/2 i.postimg.cc/MGr3FKph/Laylaaa.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 486x800, components 3\012- data
Size 110 kB (110326 bytes)
Hash ea49da8a836f0d2ebdc520a5d77efdab
785da2684ae1286b29f3ff0d8587b42df2bec61e
411aed626e1a9d80fa36efcd6c827e2730f29885407a04c5de6bc68b062713fd
GET /MGr3FKph/Laylaaa.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 110326
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/s/player/64947e15/www-player.css
216.58.211.14 200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/64947e15/www-player.css
IP 216.58.211.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e82302120581bfc2b2bf7671a35750f7
b27bddbc7416555378933e4ecc32bc2347523c60
7c45ed3daa3f0a578f09bca102a32bea35919104d567cf74f7761a3dd7d43ac9
GET /s/player/64947e15/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49662
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:48:18 GMT
expires: Thu, 21 Sep 2023 14:48:18 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/css
age: 108415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
162.19.88.68 200 OK 86 kB URL HTTP/2 i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:51, GPS-Data, width=0], baseline, precision 8, 265x422, components 3\012- data
Hash a8fec8974135dfdfe138a98ed768dd6e
d33c83970e7d1925731fcc597038dc8da0875488
2c83907d79a687a1d8491370042cf5571834d4ce7f71430a2c79d2c889f0bc93
GET /0QVFd91M/IMG-20220524-181304.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 86172
last-modified: Tue, 24 May 2022 11:26:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
162.19.88.68 200 OK 108 kB URL HTTP/2 i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Size 108 kB (108322 bytes)
Hash 3751a713af077c0a193ff6b7be6eb98f
6a88f1015175420f4812bc5f7bf64124087615e2
e80b2171f65b2fe668af4196f0afe5df85f8043b04d100c7ca1fe612b1f20ec6
GET /bJ8Sbp3c/IMG-20220608-WA0005.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 108322
last-modified: Wed, 08 Jun 2022 06:20:45 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
216.58.211.14 200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (570)
Hash faf7cb6fdef7f573ad65139bd560afed
e01ff9c1ab3e3a94d92db4c8580b18558256c5ba
e0912caa0cba25c0e92c231d528c723f7bf7d7479c53a8505858c79284013e9e
GET /s/player/64947e15/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:51:22 GMT
expires: Thu, 21 Sep 2023 14:51:22 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/javascript
age: 108231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/64947e15/player_ias.vflset/en_US/base.js
216.58.211.14 200 OK 590 kB URL HTTP/2 www.youtube.com/s/player/64947e15/player_ias.vflset/en_US/base.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (554)
Size 590 kB (589483 bytes)
Hash e8b450650260181eb9d9b791a3915914
749cd69f8b5d4f55811a5430956ec76b5a4fb4b8
e5b68a656b9ed80054c1921e9fff26cf5ddb0031ff507a722c9a88c6b0ca18b6
GET /s/player/64947e15/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 589483
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:58:17 GMT
expires: Thu, 21 Sep 2023 14:58:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/javascript
age: 107816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ibb.co/K6gX71h/Capture.png
51.210.32.103 200 OK 121 kB URL HTTP/2 i.ibb.co/K6gX71h/Capture.png
IP 51.210.32.103:0
File type PNG image data, 158 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (120801 bytes)
Hash c6fc9af2ad6cde27f714a725fdd222c5
be01795da5190dd9d883505b8dda2450848f53ff
0a3c7d66a0b3d5e13aaaa02daf7dbe332670e6f047e132f27336f729fd752ac8
GET /K6gX71h/Capture.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:13 GMT
content-type: image/png
content-length: 120801
last-modified: Thu, 18 Mar 2021 18:21:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
162.19.88.68 200 OK 138 kB URL HTTP/2 i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 505x800, components 3\012- data
Size 138 kB (138084 bytes)
Hash d16c03d4212819b428da0006364ab721
b5513f255eef1da0453048c2602084f08db3ad00
f7073e83bb987c11e76cd66dddd603baca400711405fc259241c46eb63e2421c
GET /cCNwZbMj/Hanabiclll.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 138084
last-modified: Thu, 06 Jan 2022 17:42:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png
142.250.74.161 200 OK 27 kB URL HTTP/2 2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash bd173da7555853de60b762b4f5fb66f8
435d86ff96ad5b7296ee6f8e701f3b7045a9bf9b
1213cd035b4e5038179937439f0573d9b6c748bd0e14d71dd690b8ba6bd97ec3
GET /-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="moonton.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 27247
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:55:13 GMT
expires: Thu, 22 Sep 2022 20:56:37 GMT
cache-control: public, max-age=86400, no-transform
etag: "v61f"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/js/imryu.js
20.189.78.99 200 OK 365 B URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/js/imryu.js
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 03044bd13597eb47b8283f60cfd6bdfb
6105f7e0d970f943931ba0f8645586a91ed75ae0
da7bb0419a0fbd1d9c79697475f3a29671a452e0c0c7f2beea1ad77d95a56aef
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/js/imryu.js HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: application/javascript
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 365
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freegiftmobilelegends22.work.gd/static/img/logo.png
20.189.78.99 200 OK 3.1 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/logo.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 143 x 57, 8-bit colormap, non-interlaced\012- data
Hash ade52d82cc35a17e99ccbb20439cbcbc
9f700e422c6a803a4aefa816a2d9ea2640c17547
18cabba213026d1cfdb15168bd00de62a36dd0705aeff0e3274292ebb9d39384
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/logo.png HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 3110
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2aaec9cbe28343d60597d0371f8ed16b
4456dfef025ab6be775cf3fec5afb553dbfe28d7
7e2ae8341c557e5f590cab1a3ba0d1207ad4a039729b7552b48b40dbb6fc53c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 871 B IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 9ae2c4c4f9b5e0ab573db9b1372830d8
c741b7bdb1bcc073b5d71b1843b0b156b4a4fbaa
042dd4f789960157485fc1e80735ec20757c8a09aa2cc089592581ee2527d23e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
51.210.32.103 200 OK 60 kB URL HTTP/2 i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
IP 51.210.32.103:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 01:22:38, width=0], baseline, precision 8, 338x600, components 3\012- data
Hash fb0ba7bf741eeab4579c36896e874ff5
9b42c554961b7fa611a261822b10cb85475b6e02
cbb055eb75ed51a2cd95e0647bab4d9e1bbdfad39ecce855465abef9a983d6f7
GET /w4bp4C1/IMG-20220830-012332.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:13 GMT
content-type: image/jpeg
content-length: 59475
last-modified: Mon, 29 Aug 2022 17:35:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:23:43 GMT
expires: Thu, 21 Sep 2023 20:23:43 GMT
cache-control: public, max-age=31536000
age: 88290
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 462195
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 705b43c32368611ff5f29d0196e4d12a
07eef5d6b5e8f527aa42549702764bdedbd5cadc
f1e5e36492cef3d5df156caf58ddef84c4d79a158c118f75ba28ffe58397f80a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1E5E36492CEF3D5DF156CAF58DDEF84C4D79A158C118F75BA28FFE58397F80A"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2931
Expires: Thu, 22 Sep 2022 21:44:04 GMT
Date: Thu, 22 Sep 2022 20:55:13 GMT
Connection: keep-alive
www.freegiftmobilelegends22.work.gd/jabes/1.jpg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/1.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x270, components 3\012- data
Hash 6bdafba8b4be45ebc808ada032e5892d
77c8e76b77f0367d59c4530313f34282e5e1e89f
930e1b3f4826f0e907f7e619405b0e1f22f9334ed14a65af13ca1b0fa8ffb2a5
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/1.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:26:53 GMT
accept-ranges: bytes
content-length: 12117
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/2.jpg
20.189.78.99 200 OK 11 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/2.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x268, components 3\012- data
Hash c90ffbab6f77dc72dd0f700b7b393583
5759f94da7133ded80829fbbd74545aec8e08767
4930b40e8e2dbdd7ec33b887123328514ec1aaf6a0264aae7745689507796048
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/2.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:27:19 GMT
accept-ranges: bytes
content-length: 11192
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/3.jpg
20.189.78.99 200 OK 9.0 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/3.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x269, components 3\012- data
Hash 60d750b421b89aa2313d184fcf094b7d
eac5212fb8bf7b7bef1599a106b93b6b6c62e445
f5712248a6e5777a0cf3bf3c9c39cec914167ffd803d7c16ef2f0456415f7d9a
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/3.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:27:25 GMT
accept-ranges: bytes
content-length: 8971
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/4.jpg
20.189.78.99 200 OK 10 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/4.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 164x270, components 3\012- data
Hash 509b677d65fb7f1039c4df9f0b62f088
1db73c62f220cba650d5667abff5808f4247d115
034fb410f7fe0e639129377082faed19736d0197f21d7ef994827936af04f733
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/4.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:42:22 GMT
accept-ranges: bytes
content-length: 10361
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/gg.jpg
20.189.78.99 404 Not Found 1.2 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/gg.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/gg.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/chou.jpg
20.189.78.99 404 Not Found 1.2 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/chou.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/chou.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/7.jpeg
20.189.78.99 200 OK 15 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/7.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x338, components 3\012- data
Hash fa6f89590fa29d956b348eab35c10e32
594d0b64f1390dd8de4a069ea9743814969d3aa5
df18c8af2cb52fd9d34bedb9d77021d16311c6b53f17a61e99f9446fa0de5813
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/7.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 14591
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:48:04 GMT
expires: Thu, 22 Sep 2022 21:03:04 GMT
cache-control: public, max-age=900
age: 429
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
162.19.88.68 200 OK 0 B URL HTTP/2 i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
IP 162.19.88.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /G2M4RvBJ/Legend-Guin.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 102924
last-modified: Tue, 26 Apr 2022 05:28:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/8.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/8.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 204x340, components 3\012- data
Hash 668564e4473038f448976765df11af0d
8933a2ba272e2df2f25572d2b3c908dbf3fc2d22
32f800cf39608715be8f8737eeaf8783121d7279c56dcac21fdf5095426dde92
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/8.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11717
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freegiftmobilelegends22.work.gd/static/img/borders/1.jpeg
20.189.78.99 200 OK 14 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/1.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 127x125, components 3\012- data
Hash c3f23c759474b52b605376efbc3358ca
8aa3921a9d9996aa58400f7789c1b3a8d6bef993
bbfc84c4fbf2b869a000a32099492c9978c23d3a80695805c2c9fc8678b256d5
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/1.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13882
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/2.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/2.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x130, components 3\012- data
Hash 89dd611dc90e68c564dd9a332a461c40
6fa24fa9061cb2a6f0b5424854e4de35600ae2f5
1e714f2533ca0e0913503199304bc6ce466ec054705866c2ae340fe596ad4d05
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/2.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12408
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/3.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/3.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 124x127, components 3\012- data
Hash 943b4a00399dc4e693e4931cf33bef96
df0216e09753f2d2ca2efe7e5baa4b600308d020
de0441e81786232488b2a73e9c56e78040cdd2f9adf82dcda25f4e9d166fd925
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/3.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12468
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/4.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/4.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x131, components 3\012- data
Hash ed0142f6c936e02fa902084dfb20d32f
a551891b9b27510ad06787329490b9614875519c
292e4dab178b1ff88f05e2cf3060f3ff3af4eb09d22d8b70e19b5c4cce119c6e
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/4.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11944
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/5.jpeg
20.189.78.99 200 OK 13 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/5.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x135, components 3\012- data
Hash 110de4b3386b174aa91799da526a5fa4
ca04da5930727af1dbcbe934b42dce6fe170fa72
567c71f609014824e4e9d15baccf60508b5a6fd9c32b89f4809b3f2d9dcd61f1
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/5.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12875
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/6.jpeg
20.189.78.99 200 OK 14 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/6.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, components 3\012- data
Hash 8d8317eea9213928e3c0319cf237e8ab
34073433e542bfcae6c627a09796828e6b2758f0
5eee23e2ba4c13b2a0d20266aa99d61d20f41725365760f63821ceaf836914b2
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/6.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13578
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/7.jpeg
20.189.78.99 200 OK 10 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/7.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 123x125, components 3\012- data
Hash a45314cdf40507ef02c3ee779d608aca
bece15ef6fcb3339a5c9d32545a49d883ced5299
fb91a9fbfacfb720ffe9403476f8f0320cb6387492413191ef944555579dbe31
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/7.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 10538
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/8.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/8.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 135x131, components 3\012- data
Hash bb3a6821a831388426333e7ff7c21b93
9b3ed817773e8a3cc88e7a7493855b0a68525444
afb9170b3c58fb81966bcf994426ada17c689040546525719b51b527bf4bee06
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/8.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12391
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/9.jpeg
20.189.78.99 200 OK 12 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/9.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x125, components 3\012- data
Hash 12b66031d66c51b1861e2e964def545d
78e00bc755458b2662979fab06e3aeebeb5abf1c
336abc805d5ecf4e7b22df535cf7ccbedb2e0f7e4a8a78d2d5f67a3fa0f9ce02
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/9.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11893
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/borders/10.jpeg
20.189.78.99 200 OK 14 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/borders/10.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 129x123, components 3\012- data
Hash 5594fba93fa048c23b78ab94585d2c06
13ce3970dfd6ff588fc50fb18cf09f5016d9daf7
682d7221d4009f85742bf6e94480a7c7b552e26cec03f8bff41e5406d48dd39f
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/10.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13776
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 20:55:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/02.jpg
20.189.78.99 200 OK 30 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/02.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 145x257, components 3\012- data
Hash 4fae539b14c385cde860b007c4d2b3fa
a442c48e83af5cbc8bf67c177f1e71d1b84e705c
cc0a71bc85a0d6dc6fa1ff4eb163f4efa35e9eeca14f8405f3823d784ddc1b24
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/02.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:51 GMT
accept-ranges: bytes
content-length: 29618
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/03.jpg
20.189.78.99 200 OK 27 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/03.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 148x260, components 3\012- data
Hash 16df2a4c7f71de466f66837d577e7dd2
d38e80ae6ee5dd22cb9406c43e2bb7b2e7339fd7
c4cc742ae92b2b40477417090046abdce40cdd4fe06b1ce01517333066f5e14a
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/03.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:54 GMT
accept-ranges: bytes
content-length: 27173
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/04.jpg
20.189.78.99 200 OK 26 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/04.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 150x259, components 3\012- data
Hash a4e7f9f345de741267674ac39cd80720
809c6543a8761be30b05a8b1b2259664139cf933
67e5afd8ff28ec8e7a10a7da249feb3a1e822f91dae26aae6dc6873c8229abb5
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/04.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:59 GMT
accept-ranges: bytes
content-length: 25550
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/3.jpeg
20.189.78.99 200 OK 32 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/3.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:46:04, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash a821cb25aedb8f21ee5c03373f8c6204
b9da5997bc68fd683f3d37472f7a195c3768e5a8
4cc8564668053a9c742519471135bbac27debac4b6973ac3acebace82b545740
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/3.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 31966
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.130 200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.130:0
Hash 47df9788abf3b19c58c739944bca9786
dded48816cd9e3bc384d8e0da3fc0d39f886e2b1
668fac6459918407012a7590dfed1fb9958ddfb9e9cd80cf655087dd93343ddc
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Thu, 22 Sep 2022 20:55:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 1c6ded9438f21cada382d6f2bf208695
d058acaf6689a727cc0e8730ec53fc601519cd21
07a789ccd480b1049c85fff0ad390239d5edd7189b8b9b0c1b7b1b3a13a7c7a7
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 20:55:13 GMT
server: ESF
cache-control: private
content-length: 30916
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35947)
Hash e50215251e55ca26c783e2e9b382e4a9
80a0845ea0b8569e6b04532c7f958ba759b4f207
85041f26f46486b46c2b91fa99da2e214250de0ec79a3c6edb94c73f7fc9243f
GET /js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14149
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:04:59 GMT
expires: Thu, 21 Sep 2023 05:04:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 143414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 4.9 kB URL HTTP/2 yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 23fb59dbdd6b7dc76cd71088fecb56be
2c0ed5d42d5651037c27f7a070e3935aba026534
c0bd67f0c5c74150fcaf4f174c8133fc74ef2d2340b548974126612096e9c7c9
GET /m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4909
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:55:13 GMT
expires: Tue, 21 Jun 2022 08:57:50 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freegiftmobilelegends22.work.gd/static/img/skins/6.jpeg
20.189.78.99 200 OK 17 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/6.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x340, components 3\012- data
Hash e5da1e2012e6d30a5a7e200a1082d861
09f77c3bcf56cb03d003d1ee9b2aa579d9ea4186
ad04ea1d3edf662dfb76489ccbc8879b070747697f5da08ebdf2fefa6b858ab0
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/6.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 16900
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/4.jpeg
20.189.78.99 200 OK 32 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/4.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:45:50, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash 532de4ebbd562ab3608324f1ea71c9fc
07d647d6d682277cab99464c62084a83864fcfd2
8c713e3f2eec756fe2be399b64a26fee2ce9699c09907ab84e011d760e187f9b
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/4.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 32183
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/12.jpeg
20.189.78.99 200 OK 36 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/12.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:47, GPS-Data], baseline, precision 8, 189x343, components 3\012- data
Hash dcdc088e8f7fb04bbb9820f35b0fd2b0
2b16826763293304421cf7703a9eb493ad6a125f
517619ca5c8d4db6bc0133e6e7a493bebfd3cc5ab8c13d0d5057a64c677bf8a0
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/12.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36471
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/13.jpeg
20.189.78.99 200 OK 34 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/13.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:34, GPS-Data], baseline, precision 8, 188x308, components 3\012- data
Hash c27db983a51a794b36da8c05b5666e63
6a5d9710651b38c7de3f130d10537bca214955f3
c625eab36994864ee26e6c57ddede1b5a3b3bf7fdac31b2160de1bb6fa91a68a
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/13.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 33463
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/16.jpeg
20.189.78.99 200 OK 37 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/16.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:25 09:42:21, GPS-Data], baseline, precision 8, 207x334, components 3\012- data
Hash b0e4b1911e83beec214d12ffc244a85e
be31911792f61503fd1ecf3d20e96f0cd0bab365
e1773d3bd72c93e893f9629c37878f2c2b8d4157c5023ee7f0648df5edc016a6
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/16.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36699
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/9.jpeg
20.189.78.99 200 OK 38 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/9.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 163x267, components 3\012- data
Hash 0669b7019bc06eddbd03dd49b8d02390
4f91de987444900fc5bc062cf9b7adaa4f11a879
71d715e750841ec57b2e8cc623ef77c25b4ecb9f958fa703f16353ab12567ddb
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/9.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 37838
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/10.jpeg
20.189.78.99 200 OK 36 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/10.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x266, components 3\012- data
Hash f38c6a3098302151fc7189d44bb8eb23
b3e943a7c24326216c02b1fda1a10c04b44efc56
14a6a45ed5d0d4de29a998a2166a9654c08e28d4ec53651b7f9037fa45dd0364
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/10.jpeg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36512
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/000.jpg
20.189.78.99 200 OK 65 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 00:57:21, width=0], baseline, precision 8, 226x376, components 3\012- data
Hash 696ed59187ba381773d4489010c867c9
24912f17cee9784a03a2792384b3715b99dfb6ca
de7bee49980a1bd6f55fbe498966fb6b71daeda09edaba69f2b1f5a5d67c2b96
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/000.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Mon, 29 Aug 2022 17:34:50 GMT
accept-ranges: bytes
content-length: 65170
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/2newc.jpg
20.189.78.99 200 OK 71 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/2newc.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:11:13 10:36:12, GPS-Data, width=0], baseline, precision 8, 233x345, components 3\012- data
Hash 373429187851e808386569195d205f39
c5bafb63e19dac26dc1022e392145a31a24ff53f
b32e5ecdf802d2b19ab9753e42213146931b2a1969d876fbd3500598e54a7e0b
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/2newc.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 71090
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/2new.jpg
20.189.78.99 200 OK 79 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/2new.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, baseline, precision 8, 204x338, components 3\012- data
Hash bb0d2324852a75596459207141b8e7cf
66e73ffad47e43c4b94d8051b3d526629218d3de
2a8bf990df2caed939e832d38e44f8f3a916a537cbc6118af0e1cfb2b92778bf
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/2new.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 78700
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/2.jpg
20.189.78.99 200 OK 58 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/2.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:10:14 14:07:10, GPS-Data, width=0], baseline, precision 8, 211x342, components 3\012- data
Hash 1cf7efd64ad6cc1439c3539cc20fbc84
296485c7d4c0907843e717c1454ffb2150f20c39
4cb41fdd49332ca98fa3b95cb11dea46f2ea4a92dba60e2563d71b327cc66543
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/2.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 58389
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/dm/5000.jpg
20.189.78.99 200 OK 82 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/dm/5000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash c890d2d8fabf64205bd762858235f7ab
de805d94df0985d9500905318002589a3c5c3706
e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/5000.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 81805
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/dm/2500.jpg
20.189.78.99 200 OK 81 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/dm/2500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 8f66c7a0904e304b14cd3cbbd31eafb8
92d81b84c9554f8ac5c1a85f21ded1659e709287
8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/2500.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 81165
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/dm/1500.jpg
20.189.78.99 200 OK 70 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/dm/1500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 71fdfc59ac4b79cd315f750e2f4d6dbd
12d5c30c5832d81d20f71575a480b696441b6ba8
a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/1500.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 69616
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/dm/1000.jpg
20.189.78.99 200 OK 64 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/dm/1000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 2f3a912fb5a0576b7884466a499d546a
c5f08eeee75a0d0ebfd8f887f7b43939c7578df8
6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/1000.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 63898
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/dm/500.jpg
20.189.78.99 200 OK 64 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/dm/500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash a5ad315a073e74e09b2d4d8294f15a94
57f386aa235168725dedfab8763bfba9a9e77fe4
32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/500.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 63592
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/kof/6.png
20.189.78.99 200 OK 118 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/kof/6.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 118 kB (117996 bytes)
Hash c8cf836eebc8bd0d7d29f56d1e4fae8c
1daa116901e043b2d97f68a5483451b3da1bf68e
e65f73ce0ba58ef5d687d3e0ddfb9e65d2681f8e4175519f5303632f57103192
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/kof/6.png HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 117996
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/kof/4.png
20.189.78.99 200 OK 109 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/kof/4.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 109 kB (109303 bytes)
Hash 41e8948125d3fe59c6972d5b12939453
c31f4fefebf281f4f0ebaeb40f11324412d5287b
f0cc7c414d92a31d68ab3b38e78b463098946fad4c5f62eaa38c393d4782f435
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/kof/4.png HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 109303
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/kof/5.png
20.189.78.99 200 OK 113 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/kof/5.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112990 bytes)
Hash 8ebd1c2e91fe2a579c51e002b9fb5ebf
b1f6838a5728e92a44d18dcf9593824c5d7dfcb3
9c88d54f5dea3dcefa99feb9a724aafac3065ba23b2e17ff9fa5851231524bc8
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/kof/5.png HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 112990
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/skins/1new.jpg
20.189.78.99 200 OK 83 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/skins/1new.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, baseline, precision 8, 208x336, components 3\012- data
Hash f42415aa51283f8556c4d3682802e4ab
18e99d8f5ac756876a26a96fc800680555eb7b8a
03f93970ab1710a1abca976673b7195c7601fe2e253132ed8d45b97dc94fd626
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/1new.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 83305
date: Thu, 22 Sep 2022 20:55:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/jabes/01.jpg
20.189.78.99 200 OK 156 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/jabes/01.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:32:47, width=0], baseline, precision 8, 402x656, components 3\012- data
Size 156 kB (155520 bytes)
Hash 6e34331b2e7768b9a3e25e3bfcf7ac67
61b4ee57783e94ce7f798eaacc3cbccdede67d96
3ff48fd457ecfda559d4617bea1a3aeca2a0b0ca8059bbc1060aa8bb1b56e6e2
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/01.jpg HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:48 GMT
accept-ranges: bytes
content-length: 155520
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 20:55:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2f1fb66a7de3cf6a05e2a6c462523a85
b289f17eaba210de0d9eecd47256f27ac8e60e75
2130776a41135e07cf39cf15e55891bd94422b43c680cc469af0e5161e35908f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1055
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 20:55:14 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
52.76.96.242 403 Forbidden 169 B URL HTTP/2 pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
IP 52.76.96.242:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3944b69d2e5ed0868bbe4fdcd35e6773
cc891b47510aaaec347a5880913f720b4f13db4a
28379c5f15ea5ffb7fda52f940cf73555f02b2d7e4f20032633b98ac079621b5
Analyzer Verdict Alert fortinet Malware
GET /VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512 HTTP/1.1
Host: pht.qoo-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx/1.12.2
date: Thu, 22 Sep 2022 20:55:14 GMT
content-type: text/html; charset=utf-8
content-length: 169
x-frame-options: sameorigin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 77f328c09668a75920e6ce55f716b757
9d54c45a3444089553efeb490bea05d3fb3d380b
a871d006869790c7a7bdf599baad1ccbf00e86b2590aec3263a3a5b26937ae0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 77f328c09668a75920e6ce55f716b757
9d54c45a3444089553efeb490bea05d3fb3d380b
a871d006869790c7a7bdf599baad1ccbf00e86b2590aec3263a3a5b26937ae0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1623750&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=video%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1663879782&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMAEMAdQnjhlgP61qV2Gxy-qge02dzQfq6Mi1LL0DxkECIG9ZbGdC7ayNr4JHknWA-G6DxdYAvTKPDBXlg_sWoI_M&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgeRYcXsyEDV-tlZX6JmVNiBCK6u0F72hOfBEp-CSB8jECIQDg58myExImp-nxzvG7izETYzqrvIlhl5EfoVKrs99SzQ%3D%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&range=0-124752&rn=1&rbuf=0
91.90.45.173 200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1623750&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=video%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1663879782&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMAEMAdQnjhlgP61qV2Gxy-qge02dzQfq6Mi1LL0DxkECIG9ZbGdC7ayNr4JHknWA-G6DxdYAvTKPDBXlg_sWoI_M&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgeRYcXsyEDV-tlZX6JmVNiBCK6u0F72hOfBEp-CSB8jECIQDg58myExImp-nxzvG7izETYzqrvIlhl5EfoVKrs99SzQ%3D%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&range=0-124752&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1103), with no line terminators
Hash 820c4475f1eb00d3e5a36df6629a17a2
7e3b72de09c1810ee2c2df6a532ad3c098276aae
a3104d7190e091140f85dc94da0c2cb6dcc13d44a9e3af334674798a07972d97
GET /videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1623750&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=video%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1663879782&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMAEMAdQnjhlgP61qV2Gxy-qge02dzQfq6Mi1LL0DxkECIG9ZbGdC7ayNr4JHknWA-G6DxdYAvTKPDBXlg_sWoI_M&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgeRYcXsyEDV-tlZX6JmVNiBCK6u0F72hOfBEp-CSB8jECIQDg58myExImp-nxzvG7izETYzqrvIlhl5EfoVKrs99SzQ%3D%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&range=0-124752&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 22 Sep 2022 20:55:14 GMT
Expires: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1103
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1623750&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=audio%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1663879782&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKdD2pHWc2seZ9HrByQ7JDRneuWUr8XaqQCMD1_q2xh7AiEAmg69NhYnrkY3Is7_VZATRKvOrFeaOqzdVUeoxyZVA3s%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgeRYcXsyEDV-tlZX6JmVNiBCK6u0F72hOfBEp-CSB8jECIQDg58myExImp-nxzvG7izETYzqrvIlhl5EfoVKrs99SzQ%3D%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&range=0-65934&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1623750&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=audio%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1663879782&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKdD2pHWc2seZ9HrByQ7JDRneuWUr8XaqQCMD1_q2xh7AiEAmg69NhYnrkY3Is7_VZATRKvOrFeaOqzdVUeoxyZVA3s%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgeRYcXsyEDV-tlZX6JmVNiBCK6u0F72hOfBEp-CSB8jECIQDg58myExImp-nxzvG7izETYzqrvIlhl5EfoVKrs99SzQ%3D%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&range=0-65934&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1021), with no line terminators
Hash 8ce0166d3a834a37e4d9e8d49b0c4061
87ab643716fe88265b79b0994e4fda059c8e10fa
9bff9e75adfe9ac61289eab4df413b6c73b171dae898e6523894e1224a207fcf
GET /videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1623750&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=audio%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1663879782&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKdD2pHWc2seZ9HrByQ7JDRneuWUr8XaqQCMD1_q2xh7AiEAmg69NhYnrkY3Is7_VZATRKvOrFeaOqzdVUeoxyZVA3s%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgeRYcXsyEDV-tlZX6JmVNiBCK6u0F72hOfBEp-CSB8jECIQDg58myExImp-nxzvG7izETYzqrvIlhl5EfoVKrs99SzQ%3D%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&range=0-65934&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 22 Sep 2022 20:55:14 GMT
Expires: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1021
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 77f328c09668a75920e6ce55f716b757
9d54c45a3444089553efeb490bea05d3fb3d380b
a871d006869790c7a7bdf599baad1ccbf00e86b2590aec3263a3a5b26937ae0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freegiftmobilelegends22.work.gd/static/sound.mp3
20.189.78.99 200 OK 1.1 MB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/sound.mp3
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/sound.mp3 HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: audio/mpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 1104524
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/sound.mp3
20.189.78.99 206 Partial Content 1.1 MB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/sound.mp3
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/sound.mp3 HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
content-range: bytes 0-1104523/1104524
content-length: 1104524
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/boxOn.png
20.189.78.99 200 OK 603 kB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/boxOn.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 481, 8-bit/color RGBA, non-interlaced\012- data
Size 603 kB (602563 bytes)
Hash 510f616bc35a268f24ce98d15f9a2429
bf674acfde2279acf8e2d103f52a78d64f718604
f8cdd47205cd93c5e0b7b47611ae2c5c33100a1593039fe271efe2df3eeec4a6
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/boxOn.png HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 17:50:08 GMT
accept-ranges: bytes
content-length: 602563
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 09a7b0e5b84c483fa9df81e325092d4b
e57713307a2c18a615e3b5e9e21e83b249ecaa46
49478b42b349d714a37ed968b88193ac5269b4bb6dbdd73073bef8fe2092ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
142.250.74.150 200 OK 38 kB URL HTTP/2 i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7cb67e1362d8ea77b65fffecee36326f
de14ecf39e3164e689e1b9e0c19d35c197b26caa
a107b245b70d9fed5d261bbf182b47a1bda695fc01fe5b3a9c92b8d784521875
GET /vi_webp/Acv5oGFllDs/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37536
date: Thu, 22 Sep 2022 20:55:14 GMT
expires: Thu, 22 Sep 2022 22:55:14 GMT
cache-control: public, max-age=7200
etag: "1661507883"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.freegiftmobilelegends22.work.gd/static/img/card.c777c1a0.png
20.189.78.99 200 OK 1.2 MB URL HTTP/2 www.freegiftmobilelegends22.work.gd/static/img/card.c777c1a0.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 850 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1178525 bytes)
Hash f61a082b230f98bcd23879c9fa7f92d5
3f54c318324a9ed2a5c4ec4521d359b4e3ccef62
1c1992ca0652089198af657792f6f23513c93c7788b1cc433a2c5c77da83e0fc
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/card.c777c1a0.png HTTP/1.1
Host: www.freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 20:55:12 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 17:50:42 GMT
accept-ranges: bytes
content-length: 1178525
date: Thu, 22 Sep 2022 20:55:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 09a7b0e5b84c483fa9df81e325092d4b
e57713307a2c18a615e3b5e9e21e83b249ecaa46
49478b42b349d714a37ed968b88193ac5269b4bb6dbdd73073bef8fe2092ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c582df192c6091d5d4af7227b2834a34
b9e8d3d2d0e61058d25a260bf85c51a36309509c
8fbfbf6e666643643c14017f51441ae043bf081a139fa0d65033afb09f873c3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c582df192c6091d5d4af7227b2834a34
b9e8d3d2d0e61058d25a260bf85c51a36309509c
8fbfbf6e666643643c14017f51441ae043bf081a139fa0d65033afb09f873c3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=251&source=youtube&requiressl=yes&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=audio%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKdD2pHWc2seZ9HrByQ7JDRneuWUr8XaqQCMD1_q2xh7AiEAmg69NhYnrkY3Is7_VZATRKvOrFeaOqzdVUeoxyZVA3s%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1663880006&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgC574GhJAeW2ABZg9auwCuPWj3RrerF1DOOppVnbVWX0CIEatOJtV0iHztQsdfyoZ1f9OrV6DQnRnS-no-6Ud215d&range=0-65934&rn=4&rbuf=0&pot=D51kWUHG-OdUnVwcXf9uUMxQpDyfyovyKkwBnqQHfzHuw5G7alEVn4poMLLgYAM5UJO4ZKw143tlLd_oAq0dgPlTA1KNIPaBQLoxerMymGfa1xUs9cFtTIIbD46eEFz6-TMobu8=
74.125.111.41200 OK 66 kB URL HTTP/1.1 rr4---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=251&source=youtube&requiressl=yes&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=audio%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKdD2pHWc2seZ9HrByQ7JDRneuWUr8XaqQCMD1_q2xh7AiEAmg69NhYnrkY3Is7_VZATRKvOrFeaOqzdVUeoxyZVA3s%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1663880006&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgC574GhJAeW2ABZg9auwCuPWj3RrerF1DOOppVnbVWX0CIEatOJtV0iHztQsdfyoZ1f9OrV6DQnRnS-no-6Ud215d&range=0-65934&rn=4&rbuf=0&pot=D51kWUHG-OdUnVwcXf9uUMxQpDyfyovyKkwBnqQHfzHuw5G7alEVn4poMLLgYAM5UJO4ZKw143tlLd_oAq0dgPlTA1KNIPaBQLoxerMymGfa1xUs9cFtTIIbD46eEFz6-TMobu8=
IP 74.125.111.41:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 30291d76b7807a3f14a79b7a0b356c12
de296641a599d4c1186984218532c7c23af93224
7204bdf9d76106267e9654c99e1edd1f729fd4805244ca1d3522a0fd7c51d39d
GET /videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=251&source=youtube&requiressl=yes&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=audio%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKdD2pHWc2seZ9HrByQ7JDRneuWUr8XaqQCMD1_q2xh7AiEAmg69NhYnrkY3Is7_VZATRKvOrFeaOqzdVUeoxyZVA3s%3D&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1663880006&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgC574GhJAeW2ABZg9auwCuPWj3RrerF1DOOppVnbVWX0CIEatOJtV0iHztQsdfyoZ1f9OrV6DQnRnS-no-6Ud215d&range=0-65934&rn=4&rbuf=0&pot=D51kWUHG-OdUnVwcXf9uUMxQpDyfyovyKkwBnqQHfzHuw5G7alEVn4poMLLgYAM5UJO4ZKw143tlLd_oAq0dgPlTA1KNIPaBQLoxerMymGfa1xUs9cFtTIIbD46eEFz6-TMobu8= HTTP/1.1
Host: rr4---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 11:57:35 GMT
Content-Type: audio/webm
Date: Thu, 22 Sep 2022 20:55:14 GMT
Expires: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65935
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=video%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMAEMAdQnjhlgP61qV2Gxy-qge02dzQfq6Mi1LL0DxkECIG9ZbGdC7ayNr4JHknWA-G6DxdYAvTKPDBXlg_sWoI_M&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1663880006&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBd37kTNL4euUavfWlHSJ04KMpwWEsRC3neVseFXHljAiAcMXEdV74QljDcZ1bIP7AFzJ7kr4S0KMsfhEJE1IYPWQ%3D%3D&range=0-124752&rn=3&rbuf=0&pot=D51kWUHG-OdUnVwcXf9uUMxQpDyfyovyKkwBnqQHfzHuw5G7alEVn4poMLLgYAM5UJO4ZKw143tlLd_oAq0dgPlTA1KNIPaBQLoxerMymGfa1xUs9cFtTIIbD46eEFz6-TMobu8=
74.125.111.41200 OK 125 kB URL HTTP/1.1 rr4---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=video%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMAEMAdQnjhlgP61qV2Gxy-qge02dzQfq6Mi1LL0DxkECIG9ZbGdC7ayNr4JHknWA-G6DxdYAvTKPDBXlg_sWoI_M&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1663880006&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBd37kTNL4euUavfWlHSJ04KMpwWEsRC3neVseFXHljAiAcMXEdV74QljDcZ1bIP7AFzJ7kr4S0KMsfhEJE1IYPWQ%3D%3D&range=0-124752&rn=3&rbuf=0&pot=D51kWUHG-OdUnVwcXf9uUMxQpDyfyovyKkwBnqQHfzHuw5G7alEVn4poMLLgYAM5UJO4ZKw143tlLd_oAq0dgPlTA1KNIPaBQLoxerMymGfa1xUs9cFtTIIbD46eEFz6-TMobu8=
IP 74.125.111.41:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 125 kB (124753 bytes)
Hash ae4863f2e947cbe2de436123533aa0b3
21f3f54a95343bdd2977144810dd956eb584c620
0f2cf1134d6df2f6e38118d27885f55bd992555d426babdf46cb3d1bf30f6f01
GET /videoplayback?expire=1663901713&ei=scssY47NMomw7QSzir-wBQ&ip=91.90.42.154&id=o-ADK4_WLNy6nQpkp8xy0Qvfa5bqvakmEm5YyClj969Hhy&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=yR2vp2GB08QekqsJfqRNQ80j7vDq8Lw&vprv=1&mime=video%2Fwebm&ns=nNvQLG_FvE8PhwuGS5gSyzYI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=ZlJHhhmjTncE8g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMAEMAdQnjhlgP61qV2Gxy-qge02dzQfq6Mi1LL0DxkECIG9ZbGdC7ayNr4JHknWA-G6DxdYAvTKPDBXlg_sWoI_M&alr=yes&cpn=iFkeFQcz42BOCLMr&cver=1.20220920.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=6_&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1663880006&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBd37kTNL4euUavfWlHSJ04KMpwWEsRC3neVseFXHljAiAcMXEdV74QljDcZ1bIP7AFzJ7kr4S0KMsfhEJE1IYPWQ%3D%3D&range=0-124752&rn=3&rbuf=0&pot=D51kWUHG-OdUnVwcXf9uUMxQpDyfyovyKkwBnqQHfzHuw5G7alEVn4poMLLgYAM5UJO4ZKw143tlLd_oAq0dgPlTA1KNIPaBQLoxerMymGfa1xUs9cFtTIIbD46eEFz6-TMobu8= HTTP/1.1
Host: rr4---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 12:32:26 GMT
Content-Type: video/webm
Date: Thu, 22 Sep 2022 20:55:14 GMT
Expires: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 124753
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c582df192c6091d5d4af7227b2834a34
b9e8d3d2d0e61058d25a260bf85c51a36309509c
8fbfbf6e666643643c14017f51441ae043bf081a139fa0d65033afb09f873c3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 20:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
104.84.152.192 200 OK 29 kB URL HTTP/2 i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
IP 104.84.152.192:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 9099099d9d7683a1f7df4c453a3b5250
8a5c119fa1bbfaa30e73b899a7cc2f3e6b307162
6015be6edadd8c2d0e36d1d91b3235986f11e9f42379a3faffe4737b80b37413
GET /originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "9099099d9d7683a1f7df4c453a3b5250"
accept-ranges: bytes
content-type: image/jpeg
content-length: 28766
akamai-grn: 0.bc985468.1663880114.6965dd4
vary: Origin
cache-control: immutable, max-age=31536000
x-cdn: akamai
X-Firefox-Spdy: h2
i.postimg.cc/fyJcLQjr/1650272368820.jpg
162.19.88.68 200 OK 0 B URL HTTP/2 i.postimg.cc/fyJcLQjr/1650272368820.jpg
IP 162.19.88.68:0
GET /fyJcLQjr/1650272368820.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: image/jpeg
content-length: 105367
last-modified: Mon, 18 Apr 2022 09:00:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 20:55:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9326866
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74edf0b11e71b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
216.58.211.14 200 OK 0 B URL HTTP/2 www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
IP 216.58.211.14:0
GET /embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freegiftmobilelegends22.work.gd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 Sep 2022 20:55:12 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=cCY_Y2xlbnM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=Kgu42nfCbRU; Domain=.youtube.com; Expires=Tue, 21-Mar-2023 20:55:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: CONSENT=PENDING+655; expires=Sat, 21-Sep-2024 20:55:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2