win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
302 Found 0 B URL User Request POST HTTP/3 win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
IP
Certificate IssuerLet's Encrypt
Subjectclick2win4life.com
Fingerprint0D:B3:70:86:F3:52:6B:AB:C9:DD:99:37:98:91:A3:DF:1D:53:52:62
ValidityTue, 31 Oct 2023 03:33:29 GMT - Mon, 29 Jan 2024 03:33:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age= HTTP/1.1
Host: win.click2win4life.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
Cookie: AWSALB=768lisXauESmksJ0dYujX2U3rzU2MFkf1lPtTkBkZY0b76xrRGWl29St1HU1FcG4onGEqjnXLldAS/01RlOK0iHStUURj94SedQncF1mGeS9Msv6L/zboqtdK+42; AWSALBCORS=768lisXauESmksJ0dYujX2U3rzU2MFkf1lPtTkBkZY0b76xrRGWl29St1HU1FcG4onGEqjnXLldAS/01RlOK0iHStUURj94SedQncF1mGeS9Msv6L/zboqtdK+42; vertx-web.session=b3526170cdb0c309681e0d04fabd5f47
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Mon, 20 Nov 2023 19:09:26 GMT
content-length: 0
location: https://win.click2win4life.com/api/offer
set-cookie: AWSALB=2cIOeG+5k5Au1s2UGojCImKd0ZrR8nRMcJ5/udYw1UcAgzw9uy3ksavNer9TSZ8PraOlwYqSOFeecVoD0UMKTLggn++5ArSYBo9yFoThJK+xNEbRvWzAqUN69N1G; Expires=Mon, 27 Nov 2023 19:09:26 GMT; Path=/
AWSALBCORS=2cIOeG+5k5Au1s2UGojCImKd0ZrR8nRMcJ5/udYw1UcAgzw9uy3ksavNer9TSZ8PraOlwYqSOFeecVoD0UMKTLggn++5ArSYBo9yFoThJK+xNEbRvWzAqUN69N1G; Expires=Mon, 27 Nov 2023 19:09:26 GMT; Path=/; SameSite=None; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb7pzxSeTrFG5arnP%2BYEtyc5nhYX1%2B73AgOM28LGZMWIKGEY30TexhSu0lsP%2B4JqQYlBEIrl8f9Ubh2PENBjUzLZ8b%2BKb7WqUmiJJEdm4ledrzkLnhMn7RbqVHLs2jRveHa1sUeatfrL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8292fcbd59e0b521-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.0/css/bootstrap.min.css
200 OK 17 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.0/css/bootstrap.min.css
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65324)
Hash 9e844130fe1a05cb0e0a5894bd861c99
c794c997f257a86d4c8e278d06f66045e9415b4d
ff2909c3fc03c4c6b40108470d87ee304c156f8247331f61e230f85ef1ea5735
GET /ajax/libs/twitter-bootstrap/4.4.0/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 19:09:26 GMT
content-type: text/css; charset=utf-8
content-length: 17430
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-26e4d"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2132049
expires: Sat, 09 Nov 2024 19:09:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA8YIhWoAwZPdDs1H5bJ1vB9sfe%2B4rxXSLO%2F9Y7Oeq9wqns8%2F8Z2qCQCSBRfTSnuKOOPvIj1VrroIaSOsCg0xlhfQWeTx%2BlQjj728XMLJ7Sllmokd03a9%2FhYoqpxL5CyER%2BnWN%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8292fcc2f83256c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
200 OK 96 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 95786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:22:00 GMT
expires: Fri, 15 Nov 2024 23:22:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 330447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/extend.js
200 OK 555 B URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/extend.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash d36acdb39830efeba0870ae5dbc52444
72d87d6209fd160e6b78fe0006ca2cc07b8783ae
48ff4d35619e8050868c59b2bc61dc421e0d9659feea95aa5a88f5e0d8eb401f
GET /js/extend.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 555
last-modified: Fri, 03 Mar 2017 18:45:48 GMT
x-amz-meta-s3b-last-modified: 20170303T184138Z
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Nov 2023 07:27:12 GMT
etag: "d36acdb39830efeba0870ae5dbc52444"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l87UmRPFVVqiDomgEi-mRw1hUhOMGnVbqX42OogASK2gZ5ESToTn-g==
age: 42136
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
200 OK 64 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (32119)
Hash dfe3ecf96456f8cafc12a7f48de6b8c8
9927afbb31df93a76977a676a933b7e3696d61ba
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
GET /ajax/libs/jqueryui/1.11.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 63865
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:22:04 GMT
expires: Fri, 15 Nov 2024 23:22:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 330443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css
200 OK 8.1 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2363)
Hash 6c1ee75d5ece8744e9a5a18a410b8003
0aa0d2a0b9e75e8e7d06f9a63f8c23a503fd87e4
9b725056b2fe2b144719e8120457f251eb85b9a8c776753cbadef3c0deb6dd05
GET /ajax/libs/jqueryui/1.11.1/themes/smoothness/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 8060
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:26:21 GMT
expires: Fri, 15 Nov 2024 23:26:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 330186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/RegPath-v3.0.js?rev=335
200 OK 6.2 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/RegPath-v3.0.js?rev=335
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 2d2ea84421ddc96028d7717b9f93d53b
5f71d93b7120271fd0e1c8d99777efe8b7745c18
4b2ff65def0fe41e8ab99394fc19ca18d3c1bb1300f2bb917ff45908531f8eae
GET /js/RegPath-v3.0.js?rev=335 HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 19 Apr 2023 12:42:34 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 09:12:24 GMT
etag: W/"96fabdd68a0a8491699e891eb57e59e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sIllPvs2Z52evrDgC9IbTkcK_BzT6pGp8CGtDiIGnML6e93MobtvIA==
age: 35824
X-Firefox-Spdy: h2
live.r3engage.com/1316
200 OK 5.4 kB IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoDaddy.com, Inc.
Subject*.r3engage.com
FingerprintC1:23:DD:4F:93:20:DA:86:1A:A1:6E:42:6D:3F:CE:8D:C9:EF:75:FE
ValidityMon, 28 Nov 2022 22:08:24 GMT - Sat, 30 Dec 2023 22:08:24 GMT
File type ASCII text, with CRLF line terminators
Hash 44d7c92d9755110d90f85d76a4681a17
ffc17c4028db2e9013296a186b0092276504c650
7753a39b250277e98d05b2c62d549b2e4b3781be3b99fed0e62b8560a2229812
GET /1316 HTTP/1.1
Host: live.r3engage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Nov 2023 19:09:27 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.26
www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (14165)
Hash ec66b90182307452ab4ec9a13a93dcf1
a2d5d39228521969e3833daae218d262c6ea0f93
a01b8a73d5892cce4ae51290826f91c4102022bda9e8fd331fd032be6be8b603
GET /gtm.js?id=GTM-5FTSXJG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 19:09:27 GMT
expires: Mon, 20 Nov 2023 19:09:27 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90483
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3651)
Hash b2c773f141e32ec6d4b16ead43e449ac
ff2d1ebb8e9de0bba20a9a2965d5450e656b955c
e31fd9667be4929a646597608c812ec8d0cae25a643d00f6db7b5589aada9a85
GET /gtag/js?id=G-TSC3CVVXJJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 19:09:28 GMT
expires: Mon, 20 Nov 2023 19:09:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (14165)
Hash 61d66a13be26be581f419846cba40ff9
a1a052af5e2069f59eb75b606c33c38f1e886201
22c440e04f5ad9c3d2b053ad11100db44b524977aff81ed5b7387711ef20dbe2
GET /gtm.js?id=GTM-5FTSXJG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 19:09:28 GMT
expires: Mon, 20 Nov 2023 19:09:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (14165)
Hash aee206fdd610aab5496ec90d2339775c
384ff1e68dae5fdc5428672540bd141d790cf2c2
1cc0bbf8f03767603d46b8b630574ae14a69e556b162be27b75ccf12afa854e6
GET /gtm.js?id=GTM-5FTSXJG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 19:09:28 GMT
expires: Mon, 20 Nov 2023 19:09:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-5FTSXJG
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (14165)
Hash aee206fdd610aab5496ec90d2339775c
384ff1e68dae5fdc5428672540bd141d790cf2c2
1cc0bbf8f03767603d46b8b630574ae14a69e556b162be27b75ccf12afa854e6
GET /gtm.js?id=GTM-5FTSXJG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 19:09:28 GMT
expires: Mon, 20 Nov 2023 19:09:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Nov 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
live.r3engage.com/r3engage.php?r3move=1&r3cache=0&testsess6876=2bd8c8bf84ae6495a820b772fc07df09&referrer=https://win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1316&s1=&t1=&t2=&t3=
200 OK 18 kB URL GET HTTP/1.1 live.r3engage.com/r3engage.php?r3move=1&r3cache=0&testsess6876=2bd8c8bf84ae6495a820b772fc07df09&referrer=https://win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1316&s1=&t1=&t2=&t3=
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoDaddy.com, Inc.
Subject*.r3engage.com
FingerprintC1:23:DD:4F:93:20:DA:86:1A:A1:6E:42:6D:3F:CE:8D:C9:EF:75:FE
ValidityMon, 28 Nov 2022 22:08:24 GMT - Sat, 30 Dec 2023 22:08:24 GMT
File type ASCII text, with very long lines (14786), with CRLF, LF line terminators
Hash 142351ec096628724aa048c3bad9c226
681766e34b50fae1ad457505ecfef5d9f0b6709c
cfeaf3a3fa9d1c936efde50dbea2a5d8ef74824470182a52dd299aa73abb4f57
GET /r3engage.php?r3move=1&r3cache=0&testsess6876=2bd8c8bf84ae6495a820b772fc07df09&referrer=https://win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=&fp=_&ce=a&res=b&cnv=f&ver=d&res_av=c&ver_os=e&campaign_id=1316&s1=&t1=&t2=&t3= HTTP/1.1
Host: live.r3engage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Nov 2023 19:09:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.26
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: R3_SESS_ID=2bd8c8bf84ae6495a820b772fc07df09; expires=Tue, 21-Nov-2023 19:09:28 GMT; Max-Age=86400; path=/; domain=.click2win4life.com; secure
whatif-assets-cdn.s3.amazonaws.com/images/c2w/c2w_ani_logo.gif
200 OK 208 kB URL GET HTTP/1.1 whatif-assets-cdn.s3.amazonaws.com/images/c2w/c2w_ani_logo.gif
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 960 x 640\012- data
Size 208 kB (208545 bytes)
Hash dd37701b2e07b044ce399a0cb8036d77
fa4a907c1a6ccedc5e0ecab64d3beb3643fd1a5a
294de811b09282b78945dcf5ef810d60f32795e61da9781c22d7162d92904af3
GET /images/c2w/c2w_ani_logo.gif HTTP/1.1
Host: whatif-assets-cdn.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: KY8qKz9qVAH5eAtUJBVuCk2bJ2q6j6ohfUY5bezcGBqLrcqcKRoRdGjMVOswR16f9TIJOnuk4i8=
x-amz-request-id: 8NBF1QE68TDBVRCP
Date: Mon, 20 Nov 2023 19:09:28 GMT
Last-Modified: Tue, 20 Jul 2021 19:15:28 GMT
ETag: "dd37701b2e07b044ce399a0cb8036d77"
x-amz-storage-class: INTELLIGENT_TIERING
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 208545
script.anura.io/request.js?instance=1983232990&source=35&campaign=2478&exid=b3526170cdb0c309681e0d04fabd5f47&64051117277
200 OK 22 kB URL GET HTTP/2 script.anura.io/request.js?instance=1983232990&source=35&campaign=2478&exid=b3526170cdb0c309681e0d04fabd5f47&64051117277
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash f9fe75eff2b5c02cdbc62f90cb96a7cf
94976047b9c87f858865b26605624e27c01951d3
ec695779ec0349252ebb1e1f3f5caba1d7aa0f41105230c8da05a7ba3b9ae07c
GET /request.js?instance=1983232990&source=35&campaign=2478&exid=b3526170cdb0c309681e0d04fabd5f47&64051117277 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 19:09:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32013958D0C648C3908CCD530FEEDEB7 Ref B: OSL30EDGE0415 Ref C: 2023-11-20T19:09:28Z
date: Mon, 20 Nov 2023 19:09:28 GMT
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 13901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3v6q7097edepm.cloudfront.net/fonts/font_style.css
200 OK 388 B URL GET HTTP/2 d3v6q7097edepm.cloudfront.net/fonts/font_style.css
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (388), with no line terminators
Hash b1aefbe0145794b1b12df477e94590fc
f6ae9671dbc490ce94785a43d9cc87a440b7de38
c889d274343f4c399a643353e1e19e13f924fbbf3161c1f6d91ba6bb40c3fe14
GET /fonts/font_style.css HTTP/1.1
Host: d3v6q7097edepm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 388
last-modified: Tue, 14 Jan 2020 16:59:31 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Nov 2023 08:15:25 GMT
etag: "b1aefbe0145794b1b12df477e94590fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3b6bunAdPzenv3fENyMrpNOQqHuriFXd-6zu7PrIX5SajZqUR9TWWQ==
age: 39244
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster
200 OK 2.1 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 82091bc14bc0c9f6ebefa51bbc774c51
cecccb1eecf6467a5f0c9e8ae30c41756a3e2a19
10615035d72a719660b8eb96f4051d1886664cef45dadefb00ca2d1e3a5924b9
GET /css?family=Roboto|Open+Sans|Pacifico|Oswald|Lobster HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3v6q7097edepm.cloudfront.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 19:09:29 GMT
date: Mon, 20 Nov 2023 19:09:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.googleapis.com/css?family=Fjalla+One
200 OK 60 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Fjalla+One
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53788)
Hash c3b0daea82ae92e44ae5689332a31887
abebc63bf66b82cfb12ef47f7f1c4335e82f7fab
808c65ec51e0ed4b8e78c202b724d9958cf4c57857979740bbb3f874061d99f7
GET /css?family=Fjalla+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3v6q7097edepm.cloudfront.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 19:09:29 GMT
date: Mon, 20 Nov 2023 19:09:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 18664, version 1.0\012- data
Hash 8d1c44b2bf75a4e6f1bd141f9a965f4f
1e5dfdb7ca5ee8e823f9f5787f84b18fbdc38434
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:21:50 GMT
expires: Fri, 15 Nov 2024 23:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
content-type: font/woff2
age: 330459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 13902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bat.bing.com/action/0?ti=283006946&tm=gtm002&Ver=2&mid=caa9d9a9-c26b-47dc-b354-f859496bda47&sid=557c9b1087d811eeac3c3377bd3e6f70&vid=557cb45087d811ee8b78eb1da3846677&vids=1&msclkid=N>m_tag_source=1&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Click%202%20Win%204%20Life!&p=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&r=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D256%26email%3D%26aff_name%3DOddbytes%26aff_id%3D2478%26aff_sub%3D15872394%26aff_sub2%3D818863%26ha_transaction_id%3Df58307ba1ca84c33a38acbea9e9e275c%26ha_offer_id%3D4011%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D<=2045&evt=pageLoad&sv=1&rn=659938
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=283006946&tm=gtm002&Ver=2&mid=caa9d9a9-c26b-47dc-b354-f859496bda47&sid=557c9b1087d811eeac3c3377bd3e6f70&vid=557cb45087d811ee8b78eb1da3846677&vids=1&msclkid=N>m_tag_source=1&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Click%202%20Win%204%20Life!&p=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&r=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D256%26email%3D%26aff_name%3DOddbytes%26aff_id%3D2478%26aff_sub%3D15872394%26aff_sub2%3D818863%26ha_transaction_id%3Df58307ba1ca84c33a38acbea9e9e275c%26ha_offer_id%3D4011%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D<=2045&evt=pageLoad&sv=1&rn=659938
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=283006946&tm=gtm002&Ver=2&mid=caa9d9a9-c26b-47dc-b354-f859496bda47&sid=557c9b1087d811eeac3c3377bd3e6f70&vid=557cb45087d811ee8b78eb1da3846677&vids=1&msclkid=N>m_tag_source=1&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Click%202%20Win%204%20Life!&p=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Foffer&r=https%3A%2F%2Fwin.click2win4life.com%2Fapi%2Fuser%3Fsite_id%3D43%26LPGID%3D256%26email%3D%26aff_name%3DOddbytes%26aff_id%3D2478%26aff_sub%3D15872394%26aff_sub2%3D818863%26ha_transaction_id%3Df58307ba1ca84c33a38acbea9e9e275c%26ha_offer_id%3D4011%26first_name%3D%26last_name%3D%26phone%3D%26address_1%3D%26address_2%3D%26city%3D%26state%3D%26zip%3D%26dob_m%3D%26dob_d%3D%26dob_y%3D%26age%3D<=2045&evt=pageLoad&sv=1&rn=659938 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=18C9D49BB87E6200062BC754B9296323; domain=.bing.com; expires=Sat, 14-Dec-2024 19:09:29 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B88BBAD076354A58A70180D50C067A3B Ref B: OSL30EDGE0415 Ref C: 2023-11-20T19:09:29Z
date: Mon, 20 Nov 2023 19:09:28 GMT
X-Firefox-Spdy: h2
win.click2win4life.com/api/offer
200 OK 24 kB URL User Request GET HTTP/3 win.click2win4life.com/api/offer
IP
Certificate IssuerLet's Encrypt
Subjectclick2win4life.com
Fingerprint0D:B3:70:86:F3:52:6B:AB:C9:DD:99:37:98:91:A3:DF:1D:53:52:62
ValidityTue, 31 Oct 2023 03:33:29 GMT - Mon, 29 Jan 2024 03:33:28 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (426)
Hash f1afe96f42f8bb6b47b2dcd420981d42
10982d7de941f52c75135c4c024ed115558c2713
84dc4f769cc22504091d470c6cb060eb69556805c6b968d32afdaf5fa4e4c372
GET /api/offer HTTP/1.1
Host: win.click2win4life.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win.click2win4life.com/api/user?site_id=43&LPGID=256&email=&aff_name=Oddbytes&aff_id=2478&aff_sub=15872394&aff_sub2=818863&ha_transaction_id=f58307ba1ca84c33a38acbea9e9e275c&ha_offer_id=4011&first_name=&last_name=&phone=&address_1=&address_2=&city=&state=&zip=&dob_m=&dob_d=&dob_y=&age=
DNT: 1
Connection: keep-alive
Cookie: AWSALB=2cIOeG+5k5Au1s2UGojCImKd0ZrR8nRMcJ5/udYw1UcAgzw9uy3ksavNer9TSZ8PraOlwYqSOFeecVoD0UMKTLggn++5ArSYBo9yFoThJK+xNEbRvWzAqUN69N1G; AWSALBCORS=2cIOeG+5k5Au1s2UGojCImKd0ZrR8nRMcJ5/udYw1UcAgzw9uy3ksavNer9TSZ8PraOlwYqSOFeecVoD0UMKTLggn++5ArSYBo9yFoThJK+xNEbRvWzAqUN69N1G; vertx-web.session=b3526170cdb0c309681e0d04fabd5f47
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 19:09:26 GMT
content-type: text/html
set-cookie: AWSALB=HlyUqFRfm4N0yOiUMD5x4ajvtELyMS3oRQaRtU/n3nT+Yv+KDtuY7LKdEHsis8Ax5BTy6rX+4rPrBsa+z9dl7/n0GFyxQm9EPdtxt6eIOwIGo0C6VWaxRgJ4ajWK; Expires=Mon, 27 Nov 2023 19:09:26 GMT; Path=/
AWSALBCORS=HlyUqFRfm4N0yOiUMD5x4ajvtELyMS3oRQaRtU/n3nT+Yv+KDtuY7LKdEHsis8Ax5BTy6rX+4rPrBsa+z9dl7/n0GFyxQm9EPdtxt6eIOwIGo0C6VWaxRgJ4ajWK; Expires=Mon, 27 Nov 2023 19:09:26 GMT; Path=/; SameSite=None; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhR78rn8oD84euFl58f0TFOBcKz1N9OuLe7k6Qcmm%2Fj0qJRCeVh5TJ4B2eHm30SdcclQS%2B5Wf9G3EcKol49mQrLHPFNJ5LJqAbok47%2FDwg7hkZqjemYcDpND1%2F7thOkR9wlv0nkq%2FOSN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8292fcc0bf2cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:18 GMT
expires: Fri, 15 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 330371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Nov 2023 21:37:43 GMT
expires: Wed, 22 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 423106
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 13902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 19:10:43 GMT
expires: Fri, 15 Nov 2024 19:10:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 345527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Nov 2023 15:17:47 GMT
expires: Tue, 19 Nov 2024 15:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 13903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:26:09 GMT
expires: Fri, 15 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 330201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:18 GMT
expires: Fri, 15 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 330372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:24:19 GMT
expires: Fri, 15 Nov 2024 23:24:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 330311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/canonical_car.png
200 OK 11 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/canonical_car.png
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 98 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash a4741c6089e163f0e5c0cdb2c698a03e
03b190c8d9350802cbabbccd2757cff1fb7115f0
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
GET /recaptcha/api2/canonical_car.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 11174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:58:28 GMT
expires: Thu, 23 Nov 2023 04:58:28 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 396662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/info_2x.png
200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:58:54 GMT
expires: Thu, 23 Nov 2023 04:58:54 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 396636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
200 OK 530 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/audio_2x.png
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:21 GMT
expires: Thu, 23 Nov 2023 23:23:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 330369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/refresh_2x.png
200 OK 600 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:21:57 GMT
expires: Thu, 23 Nov 2023 23:21:57 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 330453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apm.cylog.io/intake/v2/rum/events
200 OK 0 B URL OPTIONS HTTP/2 apm.cylog.io/intake/v2/rum/events
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subjectcylog.io
Fingerprint14:48:71:D9:B4:D7:80:26:64:10:4F:0A:7E:AB:79:0A:EE:AC:7A:99
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /intake/v2/rum/events HTTP/1.1
Host: apm.cylog.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://win.click2win4life.com/
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 19:09:31 GMT
content-length: 0
access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://win.click2win4life.com
access-control-expose-headers: Etag
access-control-max-age: 3600
vary: Origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2
apm.cylog.io/intake/v2/rum/events
200 OK 0 B URL OPTIONS HTTP/2 apm.cylog.io/intake/v2/rum/events
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subjectcylog.io
Fingerprint14:48:71:D9:B4:D7:80:26:64:10:4F:0A:7E:AB:79:0A:EE:AC:7A:99
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 18 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /intake/v2/rum/events HTTP/1.1
Host: apm.cylog.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-ndjson
Content-Length: 28932
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 202 Accepted
date: Mon, 20 Nov 2023 19:09:31 GMT
content-length: 0
access-control-allow-origin: https://win.click2win4life.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,500,300,600,700
200 OK 5.3 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Poppins:400,500,300,600,700
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (5383), with no line terminators
Hash f986b4ef808cf5c5ab1bca1e7529f90b
4603da15fb526489041d94431721f12550da9e8e
13a5cb26f894a2f8381fd9c6dd4ff301206429cdbc4a1ef4002e80bec0e69d31
GET /css?family=Poppins:400,500,300,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d3v6q7097edepm.cloudfront.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 19:09:29 GMT
date: Mon, 20 Nov 2023 19:09:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d3v7hbq4afry8x.cloudfront.net/favicons/C2W-favicon.png
200 OK 1.8 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/favicons/C2W-favicon.png
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 6552276e8e83c7ef39f40a4b57e3e8bf
3c0254480a984bfe5b4c33e596ce43d44e176ab2
61e5882ed4728bbeca31cf631770eb39565518e01c8078796f4e8d4f95e5fed2
GET /favicons/C2W-favicon.png HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 1823
last-modified: Thu, 03 Feb 2022 14:15:05 GMT
x-amz-meta-sha256: 61e5882ed4728bbeca31cf631770eb39565518e01c8078796f4e8d4f95e5fed2
x-amz-meta-s3b-last-modified: 20220203T141317Z
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Nov 2023 05:25:44 GMT
etag: "6552276e8e83c7ef39f40a4b57e3e8bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LchCBnr1C_LWqjxdvXz70Tn5HCWahLzVmJqv9M8ETuVmWPwljaQoxQ==
age: 49424
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;500&family=Roboto:wght@400;500;700&display=swap
200 OK 12 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;500&family=Roboto:wght@400;500;700&display=swap
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
Hash fd3003e294966ed0d7e00bef9d85e44e
6a808f5eb3b7f3de23fa5dab89a733e31affff8e
29d551ad1b4106bb697c6d921f7f8491ed5e6c183481a7aaf6ae9b1f42d908eb
GET /css2?family=Roboto+Slab:wght@400;500&family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 19:09:27 GMT
date: Mon, 20 Nov 2023 19:09:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/jquery.cookie.min.js
200 OK 1.5 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/jquery.cookie.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (1572), with no line terminators
Hash 3dbc9d4be89b1596370047402d84c7ad
20130df26ac850e4fe6b4c583b156374f461e70c
0c8ccf0b451bf7c9c7845e2156bafb98816f3d0864efb54dc7b651247dd9c693
GET /js/jquery.cookie.min.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 03 Mar 2017 18:45:48 GMT
x-amz-meta-s3b-last-modified: 20170303T184137Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 08:17:16 GMT
etag: W/"8b099a68e388ea56b90df9abf7b71466"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Fx2vDVMhwa88deNM-ojTkcPlI8eiiTszxCArvFMkSJl-QhP7SX2Cow==
age: 39132
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/RegPath.Slider.js
200 OK 3.8 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/RegPath.Slider.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (3951), with no line terminators
Hash 5b25716838494a86773a00816d5dc760
f39bb57552c46e558c18946911908c72b8e8399e
d128a5afb1a4bc798553b01bfd4e01b625857e9b799c93458020668e17565d96
GET /js/RegPath.Slider.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 14 Dec 2017 18:18:57 GMT
x-amz-meta-s3b-last-modified: 20171214T181830Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 10:49:40 GMT
etag: W/"77fb923352fa31d6bf3a46b445e11af3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ox9mPJgMbw2KXOfI8QiPXxeLW58ohUYG4DOhH2_a00NbfPphtlgYBw==
age: 29988
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
200 OK 850 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash 57e10dcd72dd2953878092014eae522b
95ba7e48825c26c5d9395ef2edb73e790bce6fa7
c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 20 Nov 2023 19:09:27 GMT
date: Mon, 20 Nov 2023 19:09:27 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
200 OK 49 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 19:09:27 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 10/31/2023 18:55:57
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ab2e6174a5650bfe305f441f74b6d4b6
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8292fcc40d9fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
200 OK 58 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (57569)
Hash 499a90f20515ce3b24663e9cf790a374
7f8eca03d549c221493863f1bc1f99cc6e8fd8b9
c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e
GET /js/elastic-apm-rum.umd.min.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 10 Feb 2021 17:22:27 GMT
x-amz-meta-sha256: c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e
x-amz-meta-s3b-last-modified: 20210210T172039Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 10:36:20 GMT
etag: W/"499a90f20515ce3b24663e9cf790a374"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WT9KVlZ9dv7HaAluvIAEK6_IpwQXXk4CvFviWJ5S-4LKKi6pklDdzw==
age: 30789
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
200 OK 7.3 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7487), with no line terminators
Hash a9983fa306afa068ef0b27da0fc1817d
e5d48f129a19c077d19f53e7f6f575e3edfbabd3
b9164889f4db59773eca90a8f937b982772af97048798c7fb0481eed34023855
GET /recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Nov 2023 19:09:30 GMT
content-security-policy: script-src 'nonce-ESa9c4LBRfrjF_0uG12qCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d3v7hbq4afry8x.cloudfront.net/js/BrowserDetect.js
200 OK 3.8 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/BrowserDetect.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (4006), with no line terminators
Hash 4d11fdb0279b96afedd47bb297eb19df
fb8223ae67eb0ee44b580fe28d6452fb2a3a405b
afda71a045325449f1ffcd22db043b8e5b9f140e6e6f499fdcca96528ceaebd7
GET /js/BrowserDetect.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 03 Mar 2017 18:45:48 GMT
x-amz-meta-s3b-last-modified: 20170303T184139Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 11:55:19 GMT
etag: W/"ec2998a1fb25db329f5052cc6e7d52d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PA77CKiGcEkh9eXHg1U2qOEL3aYej-AGfjxUTH5jOQuf2g_47P7g6w==
age: 26049
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/RegPath.Functions.js?rev=20190131
200 OK 18 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/RegPath.Functions.js?rev=20190131
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 84d6e60deef28fbe203c67622a90c769
39c7179fa9ab4ac385784a41d961ad04e3f912d9
ad9f929ab4efbdc16890f6b6b7e966d49d2004d2bfb2ab26c3d1d93ac0bb4db0
GET /js/RegPath.Functions.js?rev=20190131 HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 30 May 2019 19:08:48 GMT
x-amz-meta-s3b-last-modified: 20190530T190844Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 10:09:44 GMT
etag: W/"84d6e60deef28fbe203c67622a90c769"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U1hsCnSXJ5UZz_Ox8Q4iN3dgZksr4UbFxn4w6zVXfUVKwjfH64-wdQ==
age: 32384
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 20 Nov 2023 19:09:29 GMT
date: Mon, 20 Nov 2023 19:09:29 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d3v6q7097edepm.cloudfront.net/css/animate3.css
200 OK 72 kB URL GET HTTP/2 d3v6q7097edepm.cloudfront.net/css/animate3.css
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
Hash 6cafe138e48efead0052fcf75e8d7ec1
81321802ff316eedcae482bd1925250d23015c36
a5549023d853f3c320a369d0488a225e0af4a4226f8728f2df9c375cfb00ec86
GET /css/animate3.css HTTP/1.1
Host: d3v6q7097edepm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 31 Jan 2020 17:33:11 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 06:13:52 GMT
etag: W/"6cafe138e48efead0052fcf75e8d7ec1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KqqLjzEfhIApyxUU9Nsxg-eG3hF3a-0XZTPFFz9RzoTNgzGSekeu8w==
age: 46537
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/reload?k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
200 OK 43 kB URL POST HTTP/3 www.google.com/recaptcha/api2/reload?k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (43070)
Hash 595423ebce371c37a4a4b877e316bc76
3e3c4398badb9da555051e484e646df1507ad8ed
c18e92af7a237fe8eefd41cc7cae0fc6e4c1b10eee5a992ad887040c1c79210b
POST /recaptcha/api2/reload?k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 7578
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Mon, 20 Nov 2023 19:09:30 GMT
expires: Mon, 20 Nov 2023 19:09:30 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AJo8oUPnvt6pSfSC6Y94Xxw8Xd5mAuarE2vXQqWjgNZFuygvZcPM4QTxsgG-ELSxC1Qkl3JWbH5T33Gb0bK7ALk;Path=/recaptcha;Expires=Sat, 18-May-2024 19:09:30 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
script.anura.io/response.json
200 OK 43 B URL POST HTTP/2 script.anura.io/response.json
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6f42fdf5c35132ff748d0e55f19a9eaf
2fd7c86a3c8b4f453e6609baf3d5ac5be391ad7b
efb393f94fd5ccdaf6717df2374f85ce5a91032032112377f4dc6e219fabcce2
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5252
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 19:09:30 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/RegPath.Pixel.js?rev=201704101403
200 OK 1.9 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/RegPath.Pixel.js?rev=201704101403
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (2072), with no line terminators
Hash 07370c0f9258e396003a003e15e09037
41c53c21972517ffcd8a308b7e888b189a0d7c3d
b3fdabb678c055b6a7fb3c11b94b806d867e4aeaf4fa09a7f26b8645c2800f75
GET /js/RegPath.Pixel.js?rev=201704101403 HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 26 Apr 2022 16:09:59 GMT
x-amz-meta-sha256: 27936a751999f3f01d190358eb3a2ef797363d02db18ad953926a21a0f3b5a8c
x-amz-meta-s3b-last-modified: 20220426T160939Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 10:49:40 GMT
etag: W/"4a14569c51e06c85ff11e1ecc9cc94f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OVJtIIIfF1xgDoFwoMyTyhtqRdpc4jzVJK4nMx2vy6ceDcTfdebsag==
age: 29988
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/css/c2w/numberpicker.css?rev=0016
200 OK 12 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/css/c2w/numberpicker.css?rev=0016
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 6c11c396cf7d827c74899e2a85b1ad60
3490838232d240b7582ce4936eb469916502c6c9
5380c18aca8e3719187a17910034e7b6baaed15f02729cc9f1896498c3805295
GET /css/c2w/numberpicker.css?rev=0016 HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
date: Sun, 19 Nov 2023 23:07:55 GMT
last-modified: Thu, 05 Oct 2023 17:39:22 GMT
etag: W/"6c11c396cf7d827c74899e2a85b1ad60"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -FOFwkpw4v9QmCINRPpcO0vsYWNgo4sEuJm8J9nJ48fi9iLeve01HQ==
age: 72093
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/RegPath.js?rev=201704101318
200 OK 15 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/RegPath.js?rev=201704101318
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash a8b5031e0b85544edf033d88c06698a1
2c67bdca7d3db02d944a3869917599c6c313c6ef
89c175ab07f45ff4fa2c9cab1355f235baea0e4ddb0b3b79fa42000f5ee64ffc
GET /js/RegPath.js?rev=201704101318 HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 28 Mar 2022 18:16:38 GMT
x-amz-meta-sha256: 89c175ab07f45ff4fa2c9cab1355f235baea0e4ddb0b3b79fa42000f5ee64ffc
x-amz-meta-s3b-last-modified: 20220328T181609Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 09:40:43 GMT
etag: W/"a8b5031e0b85544edf033d88c06698a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9h3irMvVO1JHz5NebkNAZRbFKXRrABFbm2PwK1dZzwqcRmZ5O78mqw==
age: 34125
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
200 OK 58 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/elastic-apm-rum.umd.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (57569)
Hash 499a90f20515ce3b24663e9cf790a374
7f8eca03d549c221493863f1bc1f99cc6e8fd8b9
c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e
GET /js/elastic-apm-rum.umd.min.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 10 Feb 2021 17:22:27 GMT
x-amz-meta-sha256: c8b7915ad7d1c681deeb06140dbf558cd8d218014a9bcd085fd7f397e257f51e
x-amz-meta-s3b-last-modified: 20210210T172039Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 10:36:20 GMT
etag: W/"499a90f20515ce3b24663e9cf790a374"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yeMsonz51lkAlaHrdnP89QWXq6YL0dTyv6f7XAkxUhF5BbeWNdPzDw==
age: 30789
X-Firefox-Spdy: h2
bat.bing.com/p/action/283006946.js
200 OK 3.7 kB URL GET HTTP/2 bat.bing.com/p/action/283006946.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type ASCII text, with very long lines (3889), with no line terminators
Hash 73fbc12b6a92ebe2b1be2103b76ffc86
b2b95e4c756bf3b9633b4f50f2dc41321ba2e0a1
d44eed328508bcba883bf959ae850387e8e1c7a235b57527307ade504db60188
GET /p/action/283006946.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=60
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 034A585237A442EDAD1A1FCAADFC6D3D Ref B: OSL30EDGE0415 Ref C: 2023-11-20T19:09:29Z
date: Mon, 20 Nov 2023 19:09:28 GMT
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/jquery.mask.min.js
200 OK 9.4 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/jquery.mask.min.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (9720), with no line terminators
Hash 0225eff1a0a4b5978c9a725d3524c15f
0d812c46fef1899ca7140ceea1f5736c1d88cecf
d88dcb762f3ff42144d3386b0a578aaa277f99b0dc3ec1e6c185f4862a4e0e7c
GET /js/jquery.mask.min.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2017 11:48:16 GMT
x-amz-meta-s3b-last-modified: 20170216T125457Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 10:49:40 GMT
etag: W/"6a4c6cafe964acba8d9414f00553e62a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7Zjyxn46nNRWYiWJwwp0id3mTkellQtIjc4ZasN4AfcLWFsMlVZzqg==
age: 29988
X-Firefox-Spdy: h2
ads.anura.io/showads.js?667982121133
200 OK 0 B URL GET HTTP/2 ads.anura.io/showads.js?667982121133
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subjectads.anura.io
Fingerprint69:66:FA:26:E2:E4:89:00:9A:F7:DE:2C:F6:5A:C2:B9:58:04:5D:E6
ValidityTue, 30 May 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /showads.js?667982121133 HTTP/1.1
Host: ads.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win.click2win4life.com
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 20 Nov 2023 12:18:03 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SQu2KmwhZhEMxNgE5VbmJZ4sX38W3CITuuYpb7JfXIxSiEh5rDcx8Q==
age: 24686
X-Firefox-Spdy: h2
d3v7hbq4afry8x.cloudfront.net/js/moment.js
200 OK 143 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/moment.js
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Size 143 kB (142551 bytes)
Hash 9f9f17b1ad6cbf5a6ba1e14a67c16a53
debff70b2e6e7c8c40c53bda28df5c28f8f1f21b
d8080393095c82a2c9d58a8ccd7ba45356ba6dd4aef7e59f8657b28a5acb9ded
GET /js/moment.js HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 03 Mar 2017 18:45:49 GMT
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-meta-s3b-last-modified: 20170303T184137Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 08:52:10 GMT
etag: W/"9f9f17b1ad6cbf5a6ba1e14a67c16a53"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5yDuKmHCzcM6DgrHBAmDmSN6WUc35mPXhE09yZNO0tp2p4EZVXOtkg==
age: 37038
X-Firefox-Spdy: h2
d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
206 Partial Content 1.2 kB URL GET HTTP/2 d3v6q7097edepm.cloudfront.net/mp3/1kb.mp3
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash 2fab401479fc569b1d333e5c561fa50a
4039d1dc8334ba579a2225d3488522fab6183ee1
d2ee72fe4af84edbfbfb9ebbfc9a8206f62e6d3fb2ccced42ff6ac5d92966aff
GET /mp3/1kb.mp3 HTTP/1.1
Host: d3v6q7097edepm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
content-type: audio/mp3
content-length: 1152
last-modified: Fri, 31 Jan 2020 17:32:24 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Nov 2023 13:27:41 GMT
etag: "2fab401479fc569b1d333e5c561fa50a"
vary: Accept-Encoding
content-range: bytes 0-1151/1152
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9MoYVPLbc7_cWNOFjkhTbxTyngICpvGFeUp2SnuaaOPGtilgNAZzFA==
age: 20509
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/payload?p=06AFcWeA4IQTPoffRB_2P0bA7zDKJpmjZC8Z9wFE0ljyvnp8ds4xiHN-ctucBjbKnHS4lh6Zjb_VDeKPNPG6qsk4Hv_CgfB8hvX4PBvWs3_dDO3exbQmhvozLePZJIeia22R0Jv4Bi79jSb2dHlacSk44E7BxgBZsv8j2kQjFIlK41DaLkfrU4r-srpYdjae4QLpu5F1gE8HuL&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
200 OK 36 kB URL GET HTTP/3 www.google.com/recaptcha/api2/payload?p=06AFcWeA4IQTPoffRB_2P0bA7zDKJpmjZC8Z9wFE0ljyvnp8ds4xiHN-ctucBjbKnHS4lh6Zjb_VDeKPNPG6qsk4Hv_CgfB8hvX4PBvWs3_dDO3exbQmhvozLePZJIeia22R0Jv4Bi79jSb2dHlacSk44E7BxgBZsv8j2kQjFIlK41DaLkfrU4r-srpYdjae4QLpu5F1gE8HuL&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
IP
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 466ac5f851f703fa901f84a153e32a51
42225eeed631dac7ea5d9f76f4ec60a5d90176ec
39fb59e880041a6c6ddd69e234c652d9ae2b75296c11a1d1156dc10a218f934b
GET /recaptcha/api2/payload?p=06AFcWeA4IQTPoffRB_2P0bA7zDKJpmjZC8Z9wFE0ljyvnp8ds4xiHN-ctucBjbKnHS4lh6Zjb_VDeKPNPG6qsk4Hv_CgfB8hvX4PBvWs3_dDO3exbQmhvozLePZJIeia22R0Jv4Bi79jSb2dHlacSk44E7BxgBZsv8j2kQjFIlK41DaLkfrU4r-srpYdjae4QLpu5F1gE8HuL&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p
Cookie: _GRECAPTCHA=09AJo8oUPnvt6pSfSC6Y94Xxw8Xd5mAuarE2vXQqWjgNZFuygvZcPM4QTxsgG-ELSxC1Qkl3JWbH5T33Gb0bK7ALk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/jpeg
expires: Mon, 20 Nov 2023 19:09:30 GMT
date: Mon, 20 Nov 2023 19:09:30 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d3v7hbq4afry8x.cloudfront.net/js/jquery.validity.custom-output-v1.1.js?rev=201802021204
200 OK 4.5 kB URL GET HTTP/2 d3v7hbq4afry8x.cloudfront.net/js/jquery.validity.custom-output-v1.1.js?rev=201802021204
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (4742), with no line terminators
Hash a71bcd6bbc0b0f964274e47f373ba807
3e19e8ee04f7f5e710c1138c42ba1e1712afab81
246ddeb87d879a0bb835770d3aad4ad05ca18beb991dc6621d3e2eefab59a93d
GET /js/jquery.validity.custom-output-v1.1.js?rev=201802021204 HTTP/1.1
Host: d3v7hbq4afry8x.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 21 Apr 2020 19:18:05 GMT
x-amz-meta-sha256: 873e0aae5e5840444a1c9baa960d6dea0fcc06a20baf926e721de3a9ae7caa42
x-amz-meta-s3b-last-modified: 20180626T130725Z
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Nov 2023 12:07:30 GMT
etag: W/"119b7fe9738b2bd40d7989ee0e65ed2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vteh60yIDn9nRJGZe2Tgx5evaH_osXorYqbLMWI--BqPI9eM7ulr4Q==
age: 25318
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
200 OK 62 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68
IP
Requested by https://win.click2win4life.com/api/offer
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53788)
Hash 0728f636e7942418a894c03c3d7fcfa9
31e74807737bf9311ec6f7c8487df3c274feabfa
a93ebf4055c4be52c01a96ce7ad615a8f6e688f0be3f83856ac804b3004e459d
GET /recaptcha/api2/anchor?ar=1&k=6LfKnxEUAAAAAO1iXBX9FqL0w-68XqXGl3UPBF5p&co=aHR0cHM6Ly93aW4uY2xpY2syd2luNGxpZmUuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fi4wcxoh9c68 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://win.click2win4life.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Nov 2023 19:09:29 GMT
content-security-policy: script-src 'nonce-RSZHTZceb6wDGueMVuu6Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
104.21.66.176
142.250.74.106
34.247.100.84
13.42.153.166
18.158.229.59
0.0.0.0