gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
104.26.10.176301 Moved Permanently 0 B URL HTTP/1.1 gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
IP 104.26.10.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2 HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 03:58:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 26 Sep 2022 04:58:30 GMT
Location: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0j7F2yOqCB26K8lldHbLWLPj9sCVa934n6Zp8IbYmvgQYKNeMvwn1CM7D%2BbxHmgcrZTVZKiL1W76NQPTp%2BTu1VjafjCuz6i%2BWWxpBujhwfxLdtu1kFCW3hO2Qbc1nbc6DVyICWRXJgs5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750914e0bb48b51b-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8737
Expires: Mon, 26 Sep 2022 06:24:07 GMT
Date: Mon, 26 Sep 2022 03:58:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 03:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lXuSnfDpNsWiaGpo4WCkUvLaVcM_dG0JLC21xbXdiLqzaUF_-zX2yg==
Age: 2592
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aujfzCZ9vRSyqcymfzyiszIJuZSz1H7WQ_pFlEKmA2KueUe7Tt-w1g==
age: 84196
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 03:58:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/7.jpg
104.26.11.176200 OK 2.1 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/7.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 3641990a28227bb5ed59021aff1d14e3
e6897de78a1019809f344f738a8ce2e757e10cef
8d7dc01c529864b54f1d3e7bffb73649056cea39a1907daadc18254e139c2cd6
GET /sweeps/ww/giftcard2/7.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 2095
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-82f"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqeAPNc6TlMyCz9rikC%2FdotmBl%2F0Smgtyrpfu%2BGnUnCFPCYiDLic7jCe7bhvBiXZTQVj9WHoEPod6ziHpIQJoR0dJQcyFeV2b02TdSKT83U6pwServWh7klWpryvh%2BsZvaIopUR2BRrqoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a1fb517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/gift.png
104.26.11.176200 OK 4.1 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/gift.png
IP 104.26.11.176:0
File type PNG image data, 84 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c8a99f8106a7e0c99be0e2333301537
ff30510621a4e58a72b2adaf5270fed28c944307
4fda556b7901692f8165abb1f7eea0a42f5fc54d0d2b257e8daf5a30b0b8c9c3
GET /sweeps/ww/giftcard2/gift.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 4051
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-fd3"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfsO2gA0TPBAo5PFvibCgHZpsaED7um24rO%2Bz74k3ahXbuMrSZrTNbliEzoQrTwfRPGHfIUwFIgafANu3G8C707vmkvRYDrUWHH4OIwAQ%2BqHMlezcAhbUwwPCNrRX%2FMUa5o2biZnlW63nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a19b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/loading.gif
104.26.11.176200 OK 5.1 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/loading.gif
IP 104.26.11.176:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash f4f031edfb2f37765dab11b35eafd026
1901e655edaaf84a56454516189adfa72c1630a4
835f56bb96eb76384dc480bc6c866efb1980d4a36ad42fbc82e46d9167542050
GET /sweeps/ww/giftcard2/loading.gif HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/gif
content-length: 5139
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1413"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvscjI1OZeQY224%2F46BJCqZS06ZIjONC4y75O7liO%2BOht%2BUpVZJ1lYLvRObmfP4RAvE2Qh7gU8nhR1qO6yh0Ct%2BzAIBFI6SWGyOMOv%2FUYjwi9GqbQSG%2FOXI06BHvMGm2g9Dj6ZKoD5YEiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a17b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/3.jpg
104.26.11.176200 OK 1.6 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/3.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 8f52afa9e7a247acf53632fdfd62aa21
45fa6dc2c4bc5f134bcc59bd1b80214daac8f84b
58db8ee68cc5c89b372646ed7c7ac68588fcf2635452a831470e6a572bc49842
GET /sweeps/ww/giftcard2/3.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1648
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-670"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E09LZ1UIFW%2BeJDVx4urvGyIAXeEkeIPT2JEBwr9x4p8jSuE1QobBrTtcq8kBqsURO3lfvSL8HHcz0Ymdg6ifp2sY%2F%2BFBcdDbrLhjtPl%2F1mcBr4OsUQIxYB9%2BYQvp%2BLBCtXQrApmcZ6NkeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a21b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/4.jpg
104.26.11.176200 OK 1.8 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/4.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 59389d99986c2c273716a3a8318d137a
fb4182ad157fd847a0e454263fb1ce981751ae8e
a76e62e7aa1c08feb38cc3203ec6ae986bb5bfdf1820dd42b256061fa2a0990f
GET /sweeps/ww/giftcard2/4.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1803
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-70b"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwWavbBXHkYpxOoY20AO4Iy8ohXT%2F0Z8MxglXdj%2BUsjlOOutDopC9pWtKNfeLvctOya7uvBmztVj%2F8aCI9uRNwUVIZc63qxWAh3CSqV1rnd%2Fk8BgLI%2BDUUfp3P0sIFJG8lT8Htd0Yqvy%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a23b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/1.jpg
104.26.11.176200 OK 1.9 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/1.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 7c4c03a240fbd38d376111329cb3399c
429f149a2f076040c32d328f89b2099308835d70
1ad68d21bdc5d7616e0ea09fda1fe683ac7ff548e3afa35680de2614dfbee051
GET /sweeps/ww/giftcard2/1.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1863
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-747"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSXMcLfBu4IPBRwxFv%2FN%2FewuAWbP61cFnNQs8jKeEvkVUcT997s3r73gRBlimSAFhykyN%2FyF%2F43SKwzWL8JtT%2FPvebfgay8i%2FB%2Fq0gCST%2Fjh3H%2FCfXL0sHTKK4N8p6MWNdOv6gePm8a0Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a27b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/clip_footer_3.png
104.26.11.176200 OK 2.5 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/clip_footer_3.png
IP 104.26.11.176:0
File type PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Hash e1b626392882cc25b4d891afaa68afd4
454d7abdbc2548d04feb95436ea0ab4126b4f00b
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /sweeps/ww/giftcard2/clip_footer_3.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 2460
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-99c"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPNw4p4rEAafzIEqel3qUO%2BwovR9S4rOZUuwk2Q30vgdDs0KhsfbdahRoau8I0eZRXLQaWpG1AIawlnDt46iS1FazuBMAKxWmetKIAVbsUKToNsLoBqIB6W3KrboMg59GkCgYHTD34%2B5Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a29b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/like_user_1.jpg
104.26.11.176200 OK 1.3 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/like_user_1.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 2aa0d43e70d60d76ac4bdff139f8c7cb
d7e3433297ad90f5d99249aee29b645265c9f3eb
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /sweeps/ww/giftcard2/like_user_1.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1293
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-50d"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LamYEK0iAMg6RmJLhC%2Fpu0crKyxDTvj8u5Fb4Li0lkZHRQ5W1oMwwXgZ5IT6WdDxwLQYxi9jqgchesnCqa7SDEzCdJi%2FP1kg4FSC8SUTRp0nZmJaDtKzN6Dxa%2BPKscKIFJcr5M2I8JeIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a1cb517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/like_user_2.jpg
104.26.11.176200 OK 1.2 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/like_user_2.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash f9299c2023539a8f27a6e1b12ed260e5
046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /sweeps/ww/giftcard2/like_user_2.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1216
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-4c0"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91AA6Wa3l2xa4n6yIbLeIlPEH%2Be6WWY3sncSNEKxMUej%2BaxwuUzWsjg5IrTYUPtBsWT5M43kNrxa8aBVeh56RQozoUp3LDUNW18qDVcRV0AUcZULSaRkqcQRp5RRkedKdZnp4GofAv5WfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a1eb517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/prize1.png
104.26.11.176200 OK 8.2 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/prize1.png
IP 104.26.11.176:0
File type PNG image data, 86 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 6290cff800ceb96ee20d5a19d0664880
ec920e4a2ecb24a6efec0dd55dd72f636c198d29
d110d7d2f6ea28a3f3e757b7d73f88d9f8d5b2974cb46b4c19e9bed9afc7d5e6
GET /sweeps/ww/giftcard2/prize1.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 8215
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-2017"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8wFXLDTf7l9JVC5Q56tqI%2FSXIST7bpUwFnR7%2FL3Vq8cW9Zd8vCGZ8RMYECe%2BN8OIqVfPjDmtYIbQURvfXqOTqHRdxWb9Apymmc8xgd4cfJiO6lpB6FPIVTgkYvLfd%2FW1yf0TtWV3LcHsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a1ab517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/prize2.png
104.26.11.176200 OK 7.3 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/prize2.png
IP 104.26.11.176:0
File type PNG image data, 83 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash d1fea41e41e0b65df696294be795b34f
46f37e9ac56617cf366adddf2ed2389b5b6dae0d
3d89d40b25c079be8baa42705fcd9c35933b6fd1456c66e849c3fdf37aa3856f
GET /sweeps/ww/giftcard2/prize2.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 7264
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1c60"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hucAR0cGHnsX%2B6BFtjVFw6P9NhH1U0bqoIm%2BLxWuQXF5oWuTvUgUAA2iic3jfGaz%2FuoUb%2BGgZ2TgIAJiYZaMUHG1cJZ8joeVD6htRuUHObi3kWBAqumzlcqi3VDuPA4QbYe3nD81mK2HdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a1bb517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/2.jpg
104.26.11.176200 OK 2.2 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/2.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 7af1c5ea7c34e1748aa8e4ac65d26256
506ccb8359f870d196643c85c38a8739e044b78b
afa0d114beef551ec69b8a3bf82f292729b7e8930f022a83bd68bec11e5fe474
GET /sweeps/ww/giftcard2/2.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 2182
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-886"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfV1QlnHQ3zwGg0lVDX0f%2BGWuxBVEBJoHdFkzQTt8lG7rpn2sljofdrapQNUfMd5Z0BRctlOsHztcRK4N7LgEHnnsrOPC6VH%2F1kVC2DziXOLoZ3iOMt5tg%2FSCClBC5qE0vc8NTkCB9IscA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a20b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/6.jpg
104.26.11.176200 OK 1.5 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/6.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 5cc7c7967e306b120f82fd0db3b457f6
db91fe10bd961a81c0cd0862c5f4836a50e44dd6
5f49dbcc11d1704c3f66ea256fc589c602cee87fea1f10d2d24181aeaf30ec14
GET /sweeps/ww/giftcard2/6.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1495
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-5d7"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxEjbpf5EK2iZWcCVpZTLjphT3dRz434KhVY2GXqBr2QZlf9aMFmMi6z8p187q9%2BananzztgkDlnNnoXPkqOYI%2BD0%2BNEiH7mQ2whREaC6bUvxlTrdvo%2B0HYHbh0SwjqD6LedeppBIUXepw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a24b517-OSL
X-Firefox-Spdy: h2
rs.y1h1.com/recaptcha.css
104.26.2.157200 OK 28 B URL HTTP/2 rs.y1h1.com/recaptcha.css
IP 104.26.2.157:0
File type ASCII text, with no line terminators
Hash 8f48e083a831bd16da0aada175478aaa
df342632e700b5453c189d3129a1e7c5a27598c6
ec8e585ab06e164d11e99adcf9b18d3074de0ece7c922fc6cc99d86fad4d9ea7
GET /recaptcha.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: text/css
content-length: 28
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=31
etag: "5dc0edfb-1f"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Tue, 05 Nov 2019 03:35:23 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTjuyX2Fw2dFSpfmikJl%2BIVFH6q%2F%2BSxOll2%2FIoD5DFc%2F8Flfjx5XBi1En695V7oEYyN%2BnU70s9c7TynfztoOWf5QrgoWsVNCgpRcPRj1SVvpXtbFIxZdRSo0sLVY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e38821b4ee-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/footer_right.png
104.26.11.176200 OK 6.8 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/footer_right.png
IP 104.26.11.176:0
File type PNG image data, 300 x 118, 8-bit/color RGB, non-interlaced\012- data
Hash ed8f956b5be34d80b8b6320dc43741ab
8448e9bcc591804bc820944e6cc073cf363d005a
1f69493b3c8fa89a0f217632374effe57b80d981d1726604e1283b9d3663abd0
GET /sweeps/ww/giftcard2/footer_right.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 6825
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1aa9"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MNxZ3EEjPqFtQRC9z2Rw8Hh%2F15hgpJ6XBfbMv9RYSVQUufWu16GX%2FptaswN9bUdr0DBK7uLWjUlup0FF6CYEPe10ganamFYo7hneE1WiXQyBP2E%2BGJW6BS4VTbRbI2IPvc6bQS9xd4OVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a2ab517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/8.jpg
104.26.11.176200 OK 1.6 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/8.jpg
IP 104.26.11.176:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash c31e3d6f2d5d38af20fee54b89568db4
38570ab4bd66cf8421877b46486b106beb925787
49194aa4fbfb6dfbeaa47328bd1a721e96c80e7d78cb8a6a15febb7a59d1c9e9
GET /sweeps/ww/giftcard2/8.jpg HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/jpeg
content-length: 1561
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-619"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4lCE5qsLw8vMEMny3B46It1Hj5aOMnviYj4VYOBlj%2BlQkpyOKyeiy8bJ%2FMD5zlcNyqIvLWlnYH3JwunzYyFATxDMMS9a7MhxdnU35ndC4BHNukntnP4X3OIifm2uNPqfvKj0VCvYv1Ynw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a28b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/menu_2x.png
104.26.11.176200 OK 15 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/menu_2x.png
IP 104.26.11.176:0
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 8714f78a15df3b8769c66518ad411404
4f1c074c4f7cd824c4e0a7a06a4f36838ec57bc7
c1d04143995e571804cca18baa14b05794545f77171d6697abde9ac432db57f1
GET /sweeps/ww/giftcard2/menu_2x.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 15194
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3b5a"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTleM49VaIjUJ8CaI%2BLaCOofY0S8i%2B2M6NQMWgUzxszkulwAbFn6AlccFVcRCunaL9LILIAfA4zQkeiAT%2Fap5VBTIr4DD%2FVhv9rYPauAj9F8ECNWYNe6fqRxgugxCX33Ptzt4a1M%2Fzkndw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a15b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/pw_ix2.png
104.26.11.176200 OK 74 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/pw_ix2.png
IP 104.26.11.176:0
File type PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Hash b9df5f56ef0c73de5d98acb6463a5663
935ed05378fd9461d074079f43d53187423138ff
5265aaacece3998b6363becfdd7e2a32eb53fb0a292e618701c2dc56a2405f93
GET /sweeps/ww/giftcard2/pw_ix2.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 74474
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-122ea"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ok9w6NaJgoSywNr2W1RWQ%2BjBZyMSAiV45mu1xMEEVaJXyvU7k%2B18gSkvYTxbNww7Y8uo9NyVPv2415bGmltWuMDjQ6mCMHmNliPdcd4iOq55KjBeks7w1EF9gY6OTaowVc1%2FQ4Q8a6LeEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a18b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/fonts.css
104.26.11.176200 OK 1.3 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/fonts.css
IP 104.26.11.176:0
File type ASCII text, with CRLF line terminators
Hash e58a0766385a6863b0881d9e93b0080d
cdc8dc709b0127650cc4fc8513dc7a7b4b53a81a
e4becc596c003164e3530be3a02e7e3bc5bbbb5737fa726330a2bf1c472da8d9
GET /sweeps/ww/giftcard2/fonts.css HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: W/"612a1700-11e"
expires: Mon, 26 Sep 2022 15:58:31 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaS1TjQQpy2kT%2BJbBjC32bAtbNnfnY8pVAJwWU8fx06lUFLlleYCHtFBHh1Kc1QI6%2Bf6ksGcp5u2Fx0odEPszBvo2gVDwWDNglvDJM3sfKhINjGCkOYwTXGfU%2BWdKxVWh3y7m%2BSjXYF31w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e35a0fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gift1774.giftforyou.top/sweeps/ww/giftcard2/action_icons_20px_2x.png
104.26.11.176200 OK 1.7 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/action_icons_20px_2x.png
IP 104.26.11.176:0
File type PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Hash b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /sweeps/ww/giftcard2/action_icons_20px_2x.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 1726
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-6be"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=323981sRHT38iyOhcrWSI%2FZkVKzUhcNWx%2FivnJ6IRvc5od5Cx4INH%2BbQ7yh2nnLatZPAsFvWlsPQ7zLKdlgEufEO1eMRraFhTdJlzyf1vqnbu73H0J%2BHgJgW8cAF9uX5ilP0O%2FLR0qwj3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e44a95b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/comment_action_2x.png
104.26.11.176200 OK 641 B URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/comment_action_2x.png
IP 104.26.11.176:0
File type PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Hash e9b3872b3e63e19728176d45f0aa6986
b638f89d5d80c4cd65327da973c52f778e30bd55
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /sweeps/ww/giftcard2/comment_action_2x.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 641
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-281"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTN7KV734TgDlLlW61qTW%2BMj6VGszNx1XkGh7y5x7bKC4039XQ8eWJOAKOve%2Brb2bASjgnqU8uMwoD5RzeUFxHWh%2FAqizS%2BsKyCCJr0BaksYIAee5rTmfPKC5E9ZQoaCxpzznFkfI2ug3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e45a96b517-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 53827c4258d94f9e02fbdb5e0ba4d79e
d8b00a91e8a42d4fb94f30161483bd771a3863bd
12bb2d13a4f3b2ede99ea54ee1cf830d1a95f7f3eb195ddd2d140f0c0dfc9943
GET /recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 26 Sep 2022 03:58:31 GMT
date: Mon, 26 Sep 2022 03:58:31 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/spin_prize2.png
104.26.11.176200 OK 20 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/spin_prize2.png
IP 104.26.11.176:0
File type PNG image data, 142 x 173, 8-bit/color RGBA, non-interlaced\012- data
Hash 841b7dfad526a441082480272cec4d68
449f96d4797b6fce41dd7a528d37ef6a8915c963
a8d7a8a7438d524a0428090ed9b4a4524cd02b5df2afa35ffeafbe4526fc8be3
GET /sweeps/ww/giftcard2/spin_prize2.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 20274
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-4f32"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg7kkC%2BzXFz5Yqgy9XAOA0Vuv9X%2BiOnDxPebArRwIayVXSs%2FgkELs8Kt7WJgCzkf39MdsNkHsnjVbLXNJwVoAjAplQ%2B8lq3Q9idXpzRDeTfuCf3qo29JOoFCYeysvcBotWnP3Ps%2B6MlMnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e44a93b517-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gift1774.giftforyou.top/sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png
104.26.11.176200 OK 218 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png
IP 104.26.11.176:0
File type PNG image data, 1012 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 218 kB (217588 bytes)
Hash 569f0618faf737c699990a7b93e5f5b0
61648e75b7583f5c77a6856d70b0abd1913b830d
2d35027ed66ca224dd911778b3862002ca70e3c5282fbc4dde91136701c71922
GET /sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 217588
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-351f4"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooEbOc91txx10gQ%2Fq7rZq7t%2FQF5fShGihm2BJHn85NC3QlZFJ8MNwZeM7LYLEaceUHRb32jNRoMGLMx3F4CC0KPfP4%2Fxh0C39kHvlL8gGql4qGRgYzszEnwBXaiFDan0%2F6moV8vmm6EXug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e36a16b517-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 03:04:17 GMT
Expires: Mon, 26 Sep 2022 03:22:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T413DbotHFzllWjt4ekltWLSFO6S6_4UZQl-ABENNkxhCDvUX9EoOw==
Age: 3254
gift1774.giftforyou.top/sweeps/ww/giftcard2/SegoeUI.woff
104.26.11.176200 OK 246 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/SegoeUI.woff
IP 104.26.11.176:0
File type Web Open Font Format, TrueType, length 245844, version 5.5\012- data
Size 246 kB (245844 bytes)
Hash ee10411f11ca61338f5bcaebefbdf700
4c720d1b7f057aa38a9ac184bc209990778dc651
88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac
GET /sweeps/ww/giftcard2/SegoeUI.woff HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: font/woff
content-length: 245844
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3c054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iChA7JZDIl8rTTWu64hgo5%2BZL48YDlOMQbheHHQPROYdNQyhcbsebzpDy74hfOsXsf%2FMT8gQHoLh0jkttR3FG0SOPLF76OLwPIpqyj4dHPwcCZPxItIte%2BzN6nheitYHnoX5QTccQzZyqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e46aa0b517-OSL
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/main-bg.png
104.26.11.176200 OK 699 kB URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/main-bg.png
IP 104.26.11.176:0
File type PNG image data, 760 x 1396, 8-bit/color RGBA, non-interlaced\012- data
Size 699 kB (698653 bytes)
Hash adbccee0708ae3b7a71d9652fb353299
1eb43728f22ca4adfacab76009e48bcb428e2182
077376ddc9c604e63cb3b7552b415042ea1c9f408ddbe3a571f419bb83cd72bd
GET /sweeps/ww/giftcard2/main-bg.png HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/png
content-length: 698653
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-aa91d"
expires: Wed, 26 Oct 2022 03:58:31 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99uWvecAs7FOdxq9o%2FBpA1tX9O0q5kA3EM6yx6axZj1eIlTL%2FmPWz67DvjpbeNCidi6q49%2FjdqNkeBsuQGUpGIBFeWaOrTaOiGw%2BJm9wPpsdpPFZ94KQzWqMR2rK2TtGKNUsWha5MVd%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e44a92b517-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1867
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Last-Modified: Mon, 26 Sep 2022 03:27:25 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
gift1774.giftforyou.top/favicon.ico
104.26.11.176200 OK 12 kB URL HTTP/2 gift1774.giftforyou.top/favicon.ico
IP 104.26.11.176:0
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash d0d56fe5a25cb13bfb1c5e31e0bc3550
ce70784fa1c73719c519ff86a6a3e42fb68f4e5e
a94d3b983d3401bc5c875e5bba36bd1710f48fb42810065f738bda4fe89dbe98
GET /favicon.ico HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: image/x-icon
last-modified: Mon, 10 Jan 2022 06:10:46 GMT
etag: W/"61dbcde6-1083e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boALto16t6fpSvaeFr7y0WI0LfIvlZQOp9wP5yBNnjmqfUBO5ZOBVkOSPtwwdzrarZ9yjdm9jKUw3kRQapRWP4tP%2BafoBdiOhFXvOaJHZ6S9LakL4pP%2Fpsrjjp7tP1JskNGYuEY4YkI4xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e73c42b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 478855a1c7b26a9ef2a0f758a9a70df1
77bdc2024167a4389d7f7c0140b7f0bcb337a2a8
6f00566805cb194cab284ea6d6805a7ef58056751f36db140c89c8bfac86d19a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Server: ECS (amb/6B96)
Content-Length: 279
www.googletagmanager.com/gtag/js?id=G-37GE99Q100
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-37GE99Q100
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 4a7dee6c522aef5164ed1be39ce6c7f3
f31db7b42c6c4fd6f9ffdac68fc641c4a16eb5e8
0fb84afeed1f6e2cd6f77837d876f72f9e0c36fca2cf08488d24863a309c1840
GET /gtag/js?id=G-37GE99Q100 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 03:58:31 GMT
expires: Mon, 26 Sep 2022 03:58:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rs.y1h1.com/backbutton.js
104.26.2.157200 OK 2.2 kB URL HTTP/2 rs.y1h1.com/backbutton.js
IP 104.26.2.157:0
File type ASCII text, with very long lines (4816), with no line terminators
Hash 36af2579d4a493070e062739d05a42b1
cec9ce7f62a53ddfb257257866c367b98ed3a9b5
082fb1a5eeebdb8d2b2cd8abf821f71cfeeaf4b2579922cc9a16ab32e82fa8fa
GET /backbutton.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d46677-12d0"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Tue, 04 Jan 2022 15:23:35 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BzxGY2wJV%2B1V980X7YfLilLSOQM2gF%2FwTliScZ1sFLsa8Hz6IaN7d3EP63jL%2FGiwDqv4PICGqNlsglrdyAwIDWkFhhtQhGBFRk8Z0%2Bd2TO6l7ZOR2lXF3rovX1e1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e458a6b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.y1h1.com/update?eventSub3=view&event3=1
104.26.2.157200 OK 2 B URL HTTP/2 t.y1h1.com/update?eventSub3=view&event3=1
IP 104.26.2.157:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /update?eventSub3=view&event3=1 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift1774.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 2
access-control-allow-origin: https://gift1774.giftforyou.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdgziJqRKZne9PUzi7UYE3FNfrsRO6Q7GXaM11LzYaM%2BGIifJVGlhyapHrMYU8w8DAtPyzjQJMbn2jvGdXl2yQGcF1KPr87XYnIAccugHJDguMquqN%2FJidqAmmUh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e8ce3b0b3d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift1774.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 19956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 03:02:14 GMT
expires: Mon, 26 Sep 2022 04:02:14 GMT
cache-control: public, max-age=3600
age: 3378
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.99e50R6b4a4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpjUhGxFCXN4e2-zoCcY3WdFh3Ocw/m=el_main
142.250.74.74200 OK 94 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.99e50R6b4a4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpjUhGxFCXN4e2-zoCcY3WdFh3Ocw/m=el_main
IP 142.250.74.74:0
File type ASCII text, with very long lines (1613)
Hash abe5dfbfca8f0907abb1bab1f3597906
ec03951a1465e01b2d4170e1c9aeaf34d21d16d0
4e9df864bff28fb550b7f19254a3d007ba4db0c3cdd7071cc9e6b5d8418d4238
GET /_/translate_http/_/js/k=translate_http.tr.no.99e50R6b4a4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpjUhGxFCXN4e2-zoCcY3WdFh3Ocw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 93858
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:39:31 GMT
expires: Fri, 22 Sep 2023 20:39:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 21:14:53 GMT
content-type: text/javascript; charset=UTF-8
age: 285541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46200 OK 185 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
File type ASCII text, with very long lines (560)
Size 185 kB (184951 bytes)
Hash b6073e058031f72519e27a679c7371ae
2f7eca8340ca714d5e2ef93e668f10f4f83cd2d4
ddb5fec945fd8fa0b6978264efdeefe050a005c1d0822179daac17ccae21efcd
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 03:58:31 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+969; expires=Wed, 25-Sep-2024 03:58:31 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 141994
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 270601
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100>m=2oe9l0&_p=522266834&cid=27843624.1664164710&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664164710&sct=1&seg=0&dl=https%3A%2F%2Fgift1774.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1664164696-fIxCLI%26utm_medium%3D-%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_Sweeps_RandomPub%26isp%3DGoogle%2BLLC%26city%3DMountain%2BView%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D160d6454166d521596%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100>m=2oe9l0&_p=522266834&cid=27843624.1664164710&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664164710&sct=1&seg=0&dl=https%3A%2F%2Fgift1774.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1664164696-fIxCLI%26utm_medium%3D-%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_Sweeps_RandomPub%26isp%3DGoogle%2BLLC%26city%3DMountain%2BView%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D160d6454166d521596%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37GE99Q100>m=2oe9l0&_p=522266834&cid=27843624.1664164710&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664164710&sct=1&seg=0&dl=https%3A%2F%2Fgift1774.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1664164696-fIxCLI%26utm_medium%3D-%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_Sweeps_RandomPub%26isp%3DGoogle%2BLLC%26city%3DMountain%2BView%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D160d6454166d521596%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 26 Sep 2022 03:58:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11916
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11916
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11916
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11916
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11916
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:58:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:14 GMT
age: 21678
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 20527
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 21075
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dKd7twQASH_A1tvi8WwaArQfizf3FoLq-gIMvmcz0RAAPXLdhpK5Bw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:19:32 GMT
age: 20341
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 20897
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 22874
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js
104.26.11.176200 OK 0 B URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js
IP 104.26.11.176:0
GET /sweeps/ww/giftcard2/jquery.min.js HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-14e4e"
expires: Mon, 26 Sep 2022 15:58:31 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BF%2FliobeF2E2GXHP8MbjlQ2aBPcTSaF7CN%2BpUyJu5fB9FQ3L%2Fttf0LeFsIAgaM%2BomWkOuhak2OzEYIigCRCk2iKudqXvCzoo9EPJn72vwlzoNcKZaPgExcQtM4jdWrJZ5%2Ba7rYzf68PZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e46a9eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/copy.js
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /copy.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6308a3c6-ea8"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Fri, 26 Aug 2022 10:43:18 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZwitlZAybKYYfeY3O2JStXB5M5Sy%2B44IPhic0vcPu0ym8XcRw8Jwjcjb7%2BYYWUwZGJaycj4W2PMiuVTOAwv2nUomEPJdqtdZYfxdA4V6E7dWpHqD8qwYjPiag4Onw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e458a2b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
gift1774.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.11.176200 OK 0 B URL HTTP/2 gift1774.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.11.176:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:30 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
etag: W/"632b45da-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F146lh1DJ7%2FzNAZ6j1i4cL77p5gppmsm%2FTO56NiDkRq7Gy8BUMlaZGe69DLXQGrvecbBq%2FrG%2FC8nrOASwkPdEwGLT2wa2GTU9lhxJjRSebvcARssFCCLzu5AZpqw2R8mddiU9MUnNSPgSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e37a2bb517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 28 Sep 2022 03:58:30 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
104.26.11.176200 OK 0 B URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
IP 104.26.11.176:0
GET /sweeps/ww/giftcard2/jumostyle.css HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-444b"
expires: Mon, 26 Sep 2022 15:58:30 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEAK3Cmz9G60yYOk1nEZL1JGcjPkggf2RMkmQA1rVdHuAgpsUcmcASsyX5VBuALuwM2zk2Lhjt1ToopDn4Mz8%2F%2F5VcUAsCY4T99ZZQsWwPvN%2FF9aXsF1BZgWuNdvfWP%2FC7u3Ud3L7jiaxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e35a11b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/trans.js
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /trans.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=337
etag: W/"60837b56-151"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Sat, 24 Apr 2021 01:58:46 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONRqYxP0ANRuFmyIw0w%2FBKoutIqs2VxzbIUfKT2zj1acv7nfvzJoxxJpW4eQyJ1Jbu2%2BV%2BbFZ%2BCB91VoOvjomRScsA3BsJ9QcfIn77egjA9iaPfdMut%2F1Z6Tts0rtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e7ca79b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/load.js
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /load.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6311dce6-1b90"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Fri, 02 Sep 2022 10:37:26 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JANga%2FK9HtxrP0c0mmHQvEJTPfKxu3XEE194Z%2BjYu7lmYoa%2F3f0WHfPv607F278WPJD9Eoi6eXu0deTX%2BRPXSBK0u5lRdWr9P3Q8cFI%2FePFJIOJ8t%2FlDD%2B4d454imA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e468a9b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/push.js
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /push.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d4671f-2950"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Tue, 04 Jan 2022 15:26:23 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB0BR1gLOSVmspl%2BfRyKD7KIXLLZObaRjYqD67qFg%2FIZV1fDYBepQvINCrJnlax%2BklY%2Fug1GWnryeUDFz8sPrNa7znSiamaw2UGjcfRVO0uxQNfPOWIWF3W77t2jWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e77a55b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.y1h1.com/recaptcha/verify?token=03AIIukzhyk2VUGD54j3Cwdb3vdlLKTVSYJhwaymkeS9RjkGAuAhKLxCCheB-_-v2TKvmkvoyNi0Do-QgkkKd5ujd66lxXV08J2VEcQL-dVLpl2WZl2aEATlHovYBybc_UfqP8-6kehZhfCh60R0Txfp6FcWtxwsZeOmyLUyPnPyw6LMADANEw7tqHvN7CIyBRVsh52mCZ_Q7DHvkGlkWjYIJDn8vzbjpVstHcZLKZInO3Tud7INpcgKblVkO50bafsRLzbsgRT-dCG6npPt0XmVHFkYzYERdSjuyC7PYZzvWRsksMGmGUR5vXZCxsRiBF3Ip0OYGyQ2r08CG6wUlgiTQCWw3AOuIUFrbd60l_bjGc9coVrGQC9SnGlagRu84EwTdRFHc-GWL-9is8oIUZmGZ7lN20HZ-sDuZw7PDP4hUWAhAbPTtVtLxaQrgDf-iWvaYxMQ2u2M1cXSWsER_PvSolovynVNJHDnTF69ZYV74TMLMARiOh1IPp_Pc_tW8aT6ZdLh5I6ySf2vMdDbVkiw8uzrxqd_hcdw&vid=1664164696-fIxCLI&eventSubField=eventSub9&eventField=event9&botScore=0.5
104.26.2.157200 OK 0 B URL HTTP/2 t.y1h1.com/recaptcha/verify?token=03AIIukzhyk2VUGD54j3Cwdb3vdlLKTVSYJhwaymkeS9RjkGAuAhKLxCCheB-_-v2TKvmkvoyNi0Do-QgkkKd5ujd66lxXV08J2VEcQL-dVLpl2WZl2aEATlHovYBybc_UfqP8-6kehZhfCh60R0Txfp6FcWtxwsZeOmyLUyPnPyw6LMADANEw7tqHvN7CIyBRVsh52mCZ_Q7DHvkGlkWjYIJDn8vzbjpVstHcZLKZInO3Tud7INpcgKblVkO50bafsRLzbsgRT-dCG6npPt0XmVHFkYzYERdSjuyC7PYZzvWRsksMGmGUR5vXZCxsRiBF3Ip0OYGyQ2r08CG6wUlgiTQCWw3AOuIUFrbd60l_bjGc9coVrGQC9SnGlagRu84EwTdRFHc-GWL-9is8oIUZmGZ7lN20HZ-sDuZw7PDP4hUWAhAbPTtVtLxaQrgDf-iWvaYxMQ2u2M1cXSWsER_PvSolovynVNJHDnTF69ZYV74TMLMARiOh1IPp_Pc_tW8aT6ZdLh5I6ySf2vMdDbVkiw8uzrxqd_hcdw&vid=1664164696-fIxCLI&eventSubField=eventSub9&eventField=event9&botScore=0.5
IP 104.26.2.157:0
GET /recaptcha/verify?token=03AIIukzhyk2VUGD54j3Cwdb3vdlLKTVSYJhwaymkeS9RjkGAuAhKLxCCheB-_-v2TKvmkvoyNi0Do-QgkkKd5ujd66lxXV08J2VEcQL-dVLpl2WZl2aEATlHovYBybc_UfqP8-6kehZhfCh60R0Txfp6FcWtxwsZeOmyLUyPnPyw6LMADANEw7tqHvN7CIyBRVsh52mCZ_Q7DHvkGlkWjYIJDn8vzbjpVstHcZLKZInO3Tud7INpcgKblVkO50bafsRLzbsgRT-dCG6npPt0XmVHFkYzYERdSjuyC7PYZzvWRsksMGmGUR5vXZCxsRiBF3Ip0OYGyQ2r08CG6wUlgiTQCWw3AOuIUFrbd60l_bjGc9coVrGQC9SnGlagRu84EwTdRFHc-GWL-9is8oIUZmGZ7lN20HZ-sDuZw7PDP4hUWAhAbPTtVtLxaQrgDf-iWvaYxMQ2u2M1cXSWsER_PvSolovynVNJHDnTF69ZYV74TMLMARiOh1IPp_Pc_tW8aT6ZdLh5I6ySf2vMdDbVkiw8uzrxqd_hcdw&vid=1664164696-fIxCLI&eventSubField=eventSub9&eventField=event9&botScore=0.5 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift1774.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:32 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://gift1774.giftforyou.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HATFohi4qdijF0QECtVBqdkMPlMPWazLM6rH6xWew%2FyOkGL9tnT2kE94sD1wqgJRHwk144aKOwfR4%2FkJfXZy1oLb%2FXT5ktpK3eLgGS8L%2Bx9ZcgUo%2FtLo%2BUnTtCx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914eed8640b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
104.26.11.176200 OK 0 B URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2
IP 104.26.11.176:0
GET /sweeps/ww/giftcard2/index_en-us.php?vid=1664164696-fIxCLI&utm_medium=-&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_Sweeps_RandomPub&isp=Google+LLC&city=Mountain+View&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=160d6454166d521596&ck=2 HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r51flBpFmFwRCqEx2WrSWd3m4N2uvpvtYq4tmZCviyXRXFDxYwxburlizjcy0n0rO5BIYI%2FnbFYcM%2FzsCrxi64Ie7ELY8oVVBrgXfCBuMLptt%2B%2Fkon3LNplSUd5fYWAtQ6%2BVVCUUxn67jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e22953b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/common.js
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /common.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6214ae9e-42fe"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Tue, 22 Feb 2022 09:36:30 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjTh2q7gHGJGh5ihairHPqyjqvbVYSmZ612YvyRr0iGFwCw2G2SDBTeBNo%2FvwTi4aLtuFQWqgDLR%2BkjraiDuigPc%2BPG3MvPo5W%2BntwZQ6X002P81tOWFQmm9zXujAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e468abb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/trans.css
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /trans.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=417
etag: W/"60837b07-1a1"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Sat, 24 Apr 2021 01:57:27 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1INCRA2NDwSFOeAnMs8PMyuwR6DpSbz7Fy7WqqxWQ8OzTPJ7dKzE6DLInXHg7KSOS62ymdXeS9MofMDFTX0M%2FVJzjCZMNvuObBwiW8GLRKZWEsF2NX1p3eBWaphrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750914e7ca78b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
rs.y1h1.com/checkbot.js
104.26.2.157200 OK 0 B IP 104.26.2.157:0
GET /checkbot.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6222c2ff-1fef"
expires: Mon, 26 Sep 2022 15:58:31 GMT
last-modified: Sat, 05 Mar 2022 01:55:11 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1BOF9erZN8235Pbrjqzv7gHz%2By%2Blq5vJUg36yTow3OB5XwoJBsig%2B2YCV2XelCzeQddoSsYPM1zG6IoZfoP2rw3f18b7JdzIIXWC4Q5qnqXchkn7mVmQQF8G1i8Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e458a3b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
gift1774.giftforyou.top/sweeps/ww/giftcard2/newmain.js
104.26.11.176200 OK 0 B URL HTTP/2 gift1774.giftforyou.top/sweeps/ww/giftcard2/newmain.js
IP 104.26.11.176:0
GET /sweeps/ww/giftcard2/newmain.js HTTP/1.1
Host: gift1774.giftforyou.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 03:58:31 GMT
content-type: application/javascript
last-modified: Mon, 18 Oct 2021 21:08:10 GMT
vary: Accept-Encoding
etag: W/"616de23a-110b"
expires: Mon, 26 Sep 2022 15:58:31 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poDx1xJ5gLYqxC8GiyZaU1z%2FkA0Z9wDMs79%2Bdrw7AwheD57dktFTOE1f1iIfCxA4oAnBTTFWyt%2B9Zdm9qwxvxM2R6p%2B5WHexYpuckx9XT7xz23ZQQhw8BYey70RzB8Wtwy3%2BfPDPkSXXhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750914e46a9db517-OSL
content-encoding: br
X-Firefox-Spdy: h2