| gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 | 172.67.71.125 | 301 Moved Permanently | 0 B |
URL HTTP/1.1gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 IP172.67.71.125:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 HTTP/1.1
Host: gift7127.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 05:30:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 06:30:57 GMT
Location: https://gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH4OaEKX560i0LCRhnDKyhNZ67wfBc9Qwyc%2BzIUid1o8fRN2B5RxV9uXdDElDxf2stnTZscyiXPVUApXY1ULaFBspd7nGH0KSn%2BBn20pnMRLpwWSUOzcTCuEIb%2FfHbUNFFwIPe0G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774a648eac83fab4-OSL
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashcfec3d7283a9b66d2be426ce54d210f3 808c1feb1ba918951d1928c1f6bfc0c253262774 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5923
Expires: Mon, 05 Dec 2022 07:09:40 GMT
Date: Mon, 05 Dec 2022 05:30:57 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfb2c0697c6d9a96a5411dd2952947458 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 540
Cache-Control: max-age=104960
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:57 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:40:17 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1ea206ac3c440825741687351f8c6e4e 2f38dafd8c43dcce2411a0590bc5c02cd6286735 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2164
Expires: Mon, 05 Dec 2022 06:07:01 GMT
Date: Mon, 05 Dec 2022 05:30:57 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 05:20:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 644
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kFZMis4Hxfxl6Cf4r3kHNqknz5BOZadzHZFLvwTIZihVyT1ct3nYEVrLQdmfVSgU50xG7uNMhqk=
x-amz-request-id: V22FM4RCNDZ9KD6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:16 GMT
age: 2621
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 05:30:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashdb3a7a835850d29f73d539bca13fbf71 73ac03148286bef3e4b7eae537a0fe79991a7a7a a9be93a07d46c2a66f335d712ddefec393b6cae451238e78c9dab1e259aff2eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161616
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:57 GMT
Etag: "638d5661-118"
Expires: Wed, 07 Dec 2022 02:24:33 GMT
Last-Modified: Mon, 05 Dec 2022 02:24:33 GMT
Server: nginx
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 05:08:58 GMT
cache-control: public,max-age=3600
age: 1320
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash67eaf80416802078cf20f6f8328ca0bb d9cbffdc1972eec762e18fb620e4efe5169be163 12c2cddb038dc58e56c84a521b6f17b66ec54427a738fb8a46a4d95ceec9abbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:58 GMT
Server: ECS (amb/6B96)
Content-Length: 279
|
|
| gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 | 172.67.71.125 | 302 Found | 273 B |
URL HTTP/2gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 IP172.67.71.125:0
File typeHTML document text\012- HTML document, ASCII text, with no line terminators Hashed0391e4ea011a4829aea41a598c86e4 10648a982f102e106aefac7dd53d23ad30b6bb4b f887a733ee25010a05c382efac45e06e81381f156034ab6aae2d93c09348ebc9
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 HTTP/1.1
Host: gift7127.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 05 Dec 2022 05:30:58 GMT
content-type: text/html; charset=UTF-8
location: https://t.y1h1.com/visit/5d282e030142b6000661240f?type=lpKeyError_Type_1&srcTrafficSource=redirect&srcCampaign=0_autosmartlink_auto&srcPub=1962&srcOffer=smartlink_with_push_randompub&exid=1668938253-vurzlf
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li%2FilmO3L%2BSXWFHCmcuxPL%2FWTE7Dp%2FM7bSwdxNFWy0Qh2eWQ0qp6Jx5a3RkgVxEztbh0ga14fbQcnVAWhnRSHR%2F%2BA%2F58XdquYUclp86zHq3id7YBbwWoG17Ax5fPENvdpKmn8b%2Bs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64910affb518-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash31b129c94a90b1e695b21395cb54e378 a3cae46b48d469cc61ab0581303bcd5f5b654db9 fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 525
Cache-Control: max-age=99878
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:15:36 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
|
|
| t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218258-gKRBXN&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=1962&type=Cloak | 172.67.75.44 | 200 OK | 416 B |
URL HTTP/2t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218258-gKRBXN&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=1962&type=Cloak IP172.67.75.44:0
File typeHTML document text\012- HTML document, ASCII text, with very long lines (416), with no line terminators Hash9e84c6817cadf3197c5fa0f5ee393fa2 89fe8dbf5b933b5b0d51bdca79b5fa3dc2bf0742 ed5ac8c826fd24508ac5964d54d800dae748ef56251a7a66a10b2ff7a30fd354
GET /visit/61e55f98081ec20007c7f606?exid=1670218258-gKRBXN&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=1962&type=Cloak HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: vid=1670218258-gKRBXN; lv_5d282e030142b6000661240f=1670218258-gKRBXN; vn_5d282e030142b6000661240f=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:58 GMT
content-length: 416
refresh: 0;URL=https://gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
set-cookie: vid=1670218258-LyLIHy; Path=/; Domain=y1h1.com; Max-Age=604800; Expires=Mon, 12 Dec 2022 05:30:58 GMT; Secure; HttpOnly; SameSite=None
lv_61e55f98081ec20007c7f606=1670218258-LyLIHy; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:30:58 GMT; Secure; HttpOnly; SameSite=None
vn_61e55f98081ec20007c7f606=1; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:30:58 GMT; Secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BiShja%2Fuz96xFlqVHJiMZtOdEva1y0owHfR3oqCRAC%2FS3jiSxMv3Nx%2FAZb9QgoYTgleh9Gy4NCoJ6u8tQd4AH3Ae65uO6I6hnCRMbtJyVf7fEQ6IVQpLB6%2BGvGg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64946c87b4fa-OSL
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.240.159.184 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.240.159.184:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DOwWGbIsfEzcq2WVRf4EVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vac2wDRdEQuYgcnMx31ZltyZikw=
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashcc7350d668e793b5e31da2274317c19e 7c2436dfc888adf9cddd5fa63107909d78597df1 ee94c99d8ff9df99e637656a0293b9d1b293a17505920d043ad08c106290ebfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170303
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:59 GMT
Etag: "638d7852-117"
Expires: Wed, 07 Dec 2022 04:49:22 GMT
Last-Modified: Mon, 05 Dec 2022 04:49:22 GMT
Server: nginx
Content-Length: 279
|
|
| rs.y1h1.com/recaptcha.css | 172.67.75.44 | 200 OK | 28 B |
URL HTTP/2rs.y1h1.com/recaptcha.css IP172.67.75.44:0
File typeASCII text, with no line terminators Hash8f48e083a831bd16da0aada175478aaa df342632e700b5453c189d3129a1e7c5a27598c6 ec8e585ab06e164d11e99adcf9b18d3074de0ece7c922fc6cc99d86fad4d9ea7
GET /recaptcha.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
content-length: 28
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=31
etag: "5dc0edfb-1f"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 05 Nov 2019 03:35:23 GMT
cf-cache-status: HIT
age: 144
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDI8qTeQej1TYY%2BQSTKUv01FmnVqZfOWc5y0%2FMDna8nktbLW5rPl45OUD1WqacsCPw4Tw1Yx%2Bwv6Bz2xeRu2dQsmOO4nYDPjNjKj83BZ5YF%2BOkfroDy1NLg6XXQtyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64996d04b4f9-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/menu_2x.png | 188.114.96.1 | 200 OK | 15 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/menu_2x.png IP188.114.96.1:0
File typePNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data Hash8714f78a15df3b8769c66518ad411404 4f1c074c4f7cd824c4e0a7a06a4f36838ec57bc7 c1d04143995e571804cca18baa14b05794545f77171d6697abde9ac432db57f1
GET /sweeps/ww/giftcard2/menu_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 15194
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3b5a"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwS0EsYxMZ5tAEOj9tF6BLBAJf2eyHsM%2FxYHAhtSPbddjvL3FPqlmQFQh5AZqXixKJ7M3GNspuEon7%2BQ7wNxhJhJJjb4tA3D07NuFW6DO%2FT50EHZkAfBOJAfeBlTqX%2FmoVf3yDBAMkl3BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499488ab4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_2.jpg | 188.114.96.1 | 200 OK | 1.2 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_2.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hashf9299c2023539a8f27a6e1b12ed260e5 046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2 ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
GET /sweeps/ww/giftcard2/like_user_2.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1216
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-4c0"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtmhDyChEHEIpzwWmxVbRLnJV2b3LjuOaL0RB5wtbJJJUnppUh2GcKVnw%2F2%2Fwf0ZxwzyzDm1fan8wQT3Sxw5iCVhFmOnLRLS9aJRfWEQ6iDhO8PKd4S%2Bwm%2F4cysYAvYocb6nccBoySImIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489cb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/prize2.png | 188.114.96.1 | 200 OK | 7.3 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/prize2.png IP188.114.96.1:0
File typePNG image data, 83 x 94, 8-bit/color RGBA, non-interlaced\012- data Hashd1fea41e41e0b65df696294be795b34f 46f37e9ac56617cf366adddf2ed2389b5b6dae0d 3d89d40b25c079be8baa42705fcd9c35933b6fd1456c66e849c3fdf37aa3856f
GET /sweeps/ww/giftcard2/prize2.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 7264
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1c60"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBtH3vV4DLT7BiqOELukHVea%2F7U2ZqPT48Ecs0XUnL%2FvH4tofNurArzg1wnEM6Szopu7ACslyK95zqJHdmf4sQcV0dsCmZev4gNfy6gtHi5Fg%2B4xqw9YffSPZNhKj%2BdIW0JcbTFSxBUL7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994897b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/4.jpg | 188.114.96.1 | 200 OK | 1.8 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/4.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash59389d99986c2c273716a3a8318d137a fb4182ad157fd847a0e454263fb1ce981751ae8e a76e62e7aa1c08feb38cc3203ec6ae986bb5bfdf1820dd42b256061fa2a0990f
GET /sweeps/ww/giftcard2/4.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1803
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-70b"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Oan6TLO9qD6U8L7ZfW9LaCLkPSHrNVjQduaTHtcq3e%2BVDRX5DkJr2UfGOAQNHMKhDWhM26KM9j%2FdL3UDhFNEPoVavBGHax7gF5tko4o%2BNXuT501GHnENzcDjfHADaMt28DDZYtbnFvitg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a5b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_1.jpg | 188.114.96.1 | 200 OK | 1.3 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_1.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data Hash2aa0d43e70d60d76ac4bdff139f8c7cb d7e3433297ad90f5d99249aee29b645265c9f3eb e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
GET /sweeps/ww/giftcard2/like_user_1.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1293
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-50d"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trPmJoN2CPQDTeH3rqljhceTTExMBayV%2FjcQgpA7fBSjm3J72URlrdyV2sexXCKI0J2AIfZVmymboHA4UHqFID97DKB3yoOhtZGZHzL%2F7OH8rdueXN4n3VXG6RzaTWzIs690w5SCf%2FwoOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489bb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/2.jpg | 188.114.96.1 | 200 OK | 2.2 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/2.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash7af1c5ea7c34e1748aa8e4ac65d26256 506ccb8359f870d196643c85c38a8739e044b78b afa0d114beef551ec69b8a3bf82f292729b7e8930f022a83bd68bec11e5fe474
GET /sweeps/ww/giftcard2/2.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 2182
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-886"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HMkQ4wyn99Z2mAYiOWBiOrju90J23%2BnsJNCXyeGLQ%2FwLc9JH9dmPCkcc0ehj4edYywRUtm%2F7%2FrDU7FbTue%2B0Cb2tFyG0E2IQQjFzRlD1XVQ4RQk6%2B2j3RL5Af34UVoxs21n0Pgc%2FmRU%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489eb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/1.jpg | 188.114.96.1 | 200 OK | 1.9 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/1.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash7c4c03a240fbd38d376111329cb3399c 429f149a2f076040c32d328f89b2099308835d70 1ad68d21bdc5d7616e0ea09fda1fe683ac7ff548e3afa35680de2614dfbee051
GET /sweeps/ww/giftcard2/1.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1863
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-747"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1a0B0vWfkqcYSLFvir7Cd3HqM%2FdDVxEZpmUqEHKKVFYzEiOLxOiE3cfekLvqUP19UQ9zhzo%2BrdUhPS2i9a10AKPrLBUtchkDw0Cw276oHxChhlFILm0AnCp5EVzRhoPFPs0NBSKGWAL3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a7b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/footer_right.png | 188.114.96.1 | 200 OK | 6.8 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/footer_right.png IP188.114.96.1:0
File typePNG image data, 300 x 118, 8-bit/color RGB, non-interlaced\012- data Hashed8f956b5be34d80b8b6320dc43741ab 8448e9bcc591804bc820944e6cc073cf363d005a 1f69493b3c8fa89a0f217632374effe57b80d981d1726604e1283b9d3663abd0
GET /sweeps/ww/giftcard2/footer_right.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 6825
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1aa9"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci6RLx59M1l5ltWSpMQWvop6DmGrWcSl3aMHPwyxAMA7NKSE5elmYuzVwUTsY9mXGxW%2B5s3gVfoPYffUv1m4uSWqiKAIR4qy2MSAXgvY3soNbwTnFHPg1VQ3xFfM4c9dqhoEUFr8QlMPlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958aab4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/8.jpg | 188.114.96.1 | 200 OK | 1.6 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/8.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hashc31e3d6f2d5d38af20fee54b89568db4 38570ab4bd66cf8421877b46486b106beb925787 49194aa4fbfb6dfbeaa47328bd1a721e96c80e7d78cb8a6a15febb7a59d1c9e9
GET /sweeps/ww/giftcard2/8.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1561
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-619"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrKsrYS8wZNmrxCFNdj3oTiPxif%2BwdJsPmpaeqg1uEadAJ1D3F0ORk7l8dtoDqRea9wOd%2BTC3QvPFC8%2FSYXKKoqx3Zn6rh1Rvizq2vOktmbonT0%2FISHepIweU7PLUx1aoFHMLvJhCgtvbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a8b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/clip_footer_3.png | 188.114.96.1 | 200 OK | 2.5 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/clip_footer_3.png IP188.114.96.1:0
File typePNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data Hashe1b626392882cc25b4d891afaa68afd4 454d7abdbc2548d04feb95436ea0ab4126b4f00b ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /sweeps/ww/giftcard2/clip_footer_3.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 2460
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-99c"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0g2upamAmVMKOEDxHaWlndOyABHOjRFdlvb9nnPUZPowGsXbyJwIfnO4kN9bqxU6J%2Fkk7S140WPlm2P4ZvSTITy5QTlTl0M9sfwYGDX7dYBtc76AjfwzWZ1g6cCvLv%2FX1pAWSGY42JsISQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a9b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/6.jpg | 188.114.96.1 | 200 OK | 1.5 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/6.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash5cc7c7967e306b120f82fd0db3b457f6 db91fe10bd961a81c0cd0862c5f4836a50e44dd6 5f49dbcc11d1704c3f66ea256fc589c602cee87fea1f10d2d24181aeaf30ec14
GET /sweeps/ww/giftcard2/6.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1495
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-5d7"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdoNmSryuyVIviMLkfHTR2VCoZcdzSYek6vE4PY0wKWZZPyxOaabT8sMVhd4YvtLh0ereJRHEHF%2BbJrB%2BBCWFoaLFIOFcqAAGK6ffvs8hEKtO4VK7T0PFglGaz95tTOl7H626ft9AENT3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a6b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/gift.png | 188.114.96.1 | 200 OK | 4.1 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/gift.png IP188.114.96.1:0
File typePNG image data, 84 x 94, 8-bit/color RGBA, non-interlaced\012- data Hash9c8a99f8106a7e0c99be0e2333301537 ff30510621a4e58a72b2adaf5270fed28c944307 4fda556b7901692f8165abb1f7eea0a42f5fc54d0d2b257e8daf5a30b0b8c9c3
GET /sweeps/ww/giftcard2/gift.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 4051
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-fd3"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3KF01Zt7MnIwbd%2BWHUaXI3J2S8wwPBSA2SJkBsAdpQUD2rORjOCeMuAYcUT%2BBDpuDLgY%2BSBAWlLqGWfiuGen%2BT%2BMmQtJvD%2B6%2FQfSrJqhTua2rObMK6cmkFlMbIZTRJptRe2M0eoeIqY7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994893b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/3.jpg | 188.114.96.1 | 200 OK | 1.6 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/3.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash8f52afa9e7a247acf53632fdfd62aa21 45fa6dc2c4bc5f134bcc59bd1b80214daac8f84b 58db8ee68cc5c89b372646ed7c7ac68588fcf2635452a831470e6a572bc49842
GET /sweeps/ww/giftcard2/3.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1648
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-670"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ukrnf%2FqkXvm4MA71XiqXVlwe7ywkaJqpVBL83jadhk3DliLnseoHPAGZ1dgbTaef2EoLnBPV%2Fo1rTD3ZAV3QmGvlhzEO1AKfK4SIts6iTZ4ucTbNOyyAmTUpEAbc2Ucl7LyvHsyt6iHTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489fb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/loading.gif | 188.114.96.1 | 200 OK | 5.1 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/loading.gif IP188.114.96.1:0
File typeGIF image data, version 89a, 50 x 50\012- data Hashf4f031edfb2f37765dab11b35eafd026 1901e655edaaf84a56454516189adfa72c1630a4 835f56bb96eb76384dc480bc6c866efb1980d4a36ad42fbc82e46d9167542050
GET /sweeps/ww/giftcard2/loading.gif HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/gif
content-length: 5139
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1413"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLLIB3IctQ8JNMnbU6R5f5zCvlYw6YKF7IHwAUuzw2XeijGOMDww79jQYhRkz4WaEsqO2tZDeugYbMSdNo3%2FqjJmyOJ79DoHOmdp7mOmiofn5hbE6vP999K7XmWO47TkuEnxgErBbFSOwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994890b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/7.jpg | 188.114.96.1 | 200 OK | 2.1 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/7.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash3641990a28227bb5ed59021aff1d14e3 e6897de78a1019809f344f738a8ce2e757e10cef 8d7dc01c529864b54f1d3e7bffb73649056cea39a1907daadc18254e139c2cd6
GET /sweeps/ww/giftcard2/7.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 2095
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-82f"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kjAruuEpct%2Fd2v15l8ae%2BnSq1qMtJyS%2FkZut%2Be9yOjBJog4r24zV2KvIwjU0afz07SnQkVC6mjlYA8F28hoXafEpm5Ih6exYsYZ9y%2FgcCcwrWDiJtFZgOXSPYHomwjAI6i1N0g5rrV7XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489db4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/prize1.png | 188.114.96.1 | 200 OK | 8.2 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/prize1.png IP188.114.96.1:0
File typePNG image data, 86 x 96, 8-bit/color RGBA, non-interlaced\012- data Hash6290cff800ceb96ee20d5a19d0664880 ec920e4a2ecb24a6efec0dd55dd72f636c198d29 d110d7d2f6ea28a3f3e757b7d73f88d9f8d5b2974cb46b4c19e9bed9afc7d5e6
GET /sweeps/ww/giftcard2/prize1.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 8215
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-2017"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6bu3pOd936WaYDdEjVuY3aIfLTbdUdShFHEBbc%2FokLu1vgLgvhzf3RFjAOaHetp1I3ho%2B4wH0K%2BOVG8p6bDFMUXOirvHGWG54PRKafRhpdgPb4PosWOzsKup1QNMIGqcCEukh8ttifCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994895b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/comment_action_2x.png | 188.114.96.1 | 200 OK | 641 B |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/comment_action_2x.png IP188.114.96.1:0
File typePNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data Hashe9b3872b3e63e19728176d45f0aa6986 b638f89d5d80c4cd65327da973c52f778e30bd55 a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
GET /sweeps/ww/giftcard2/comment_action_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 641
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-281"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cneHOk9QBWJqgbkqE0epdyU%2B9SrQkNE%2FSOORym%2FgNFSNqspeWp5SKNKIRBKovgZQSKDCEVuMInn%2FQMwwDcN%2FibI%2BeNkJwOmzxpnwYFXgdNIdyg60lkChCffPwUGhCk7t2y5aHKU8l3PW2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a1943b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/action_icons_20px_2x.png | 188.114.96.1 | 200 OK | 1.7 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/action_icons_20px_2x.png IP188.114.96.1:0
File typePNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data Hashb699975b5fe73b087e711a33ff24ee1e 0e33cc5c32a5e7d18440751e3946076664caaf53 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /sweeps/ww/giftcard2/action_icons_20px_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 1726
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-6be"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eu29nSxW61guJhIKCaQFBllU3RfmT9%2BPfTUkmXCajo9GLsEBkbBadlRuipLheHOXyxTjQHCYER19i3D500%2FgyMtWioiuWaLHKTVER5vMb9rZ9c3s0Ug0waw4Lv%2BvbiOi6f3YkH%2FjRruqXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a1941b4fa-OSL
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/backbutton.js | 172.67.75.44 | 200 OK | 2.6 kB |
URL HTTP/2rs.y1h1.com/backbutton.js IP172.67.75.44:0
File typeASCII text, with very long lines (4816), with no line terminators Hash04ec0b8371d611c8e68dafaa5cd27b50 2a24f4e4f559b1fbc0f2d6395ecbe3762d0b5105 1abbd689f13fa451d6958e410d05285ee01c1c0e5a7d415a9c27f7738628c6dc
GET /backbutton.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d46677-12d0"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 04 Jan 2022 15:23:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWKDlYFsK9L8ldfZ%2F9xZCLsLr83M2diyGFK7Uz1OMXGdSXzsaQsB%2Fb7UE2WAzMr2Gw%2BstPtfuimdN57SkHusqg047fypO50eB1leLmilAxhGBTktDiNDKvEDiBYvzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da4b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/pw_ix2.png | 188.114.96.1 | 200 OK | 74 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/pw_ix2.png IP188.114.96.1:0
File typePNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data Hashb9df5f56ef0c73de5d98acb6463a5663 935ed05378fd9461d074079f43d53187423138ff 5265aaacece3998b6363becfdd7e2a32eb53fb0a292e618701c2dc56a2405f93
GET /sweeps/ww/giftcard2/pw_ix2.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 74474
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-122ea"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW6Bcy4CpJ6tJXFZ5UE9UQpB26K6ne8Tf0%2BbHkuMq9Xq3Bvy8nSBHgBeqYYHPtyrubGT%2B38xZOE5glMkW99y%2FyAhDH2B%2F1OF7HAag3dM2%2BSuykAOLbLDdaenSUanrt919EuDdxp%2F%2BCNNeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994892b4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/notify_2x.png | 188.114.96.1 | 200 OK | 1.2 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/notify_2x.png IP188.114.96.1:0
File typePNG image data, 56 x 46, 8-bit/color RGBA, non-interlaced\012- data Hashf13fc2443b52ebc1535d3005ddcccb13 f4f7936ded15daf1b9bc8331e913e7d44d3b0da8 33774a02b8eb284b011ccbcd96e46f10132d50e26ec87491cbb1250dcd1140b2
GET /sweeps/ww/giftcard2/notify_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 1157
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-485"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kMf8DIVUHnEJuXV8yiZU7WcyOfk625wPcFdng4nuV%2BRga3pLjtvTV1qLEUrxXF8O1hbEQNEPKruIVpdVkYP%2FQDNDtf8%2FNcT%2BWlBo1R%2Fdkk5FUqq54rvOT7T1yCXfzgtFcPQOgI0WSXOhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a093cb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css | 188.114.96.1 | 200 OK | 4.5 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css IP188.114.96.1:0
File typeASCII text, with CRLF line terminators Hash0ecd5d48f6823acadc162ac5af1aa880 76e8c20278a53f2187775d2e864697ce9b82118c c98082c6a3243ed06b4230e5be5418baa22f5a479b7b5a8a5ecf977435dc3b97
GET /sweeps/ww/giftcard2/jumostyle.css HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-444b"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLxMzhozTWuLc04rSS9%2Fwk5MJNmu7nFjEBhQgX%2BdricR%2F07feaKSpQoi9V2BkPs0xJzZ2PPZ%2FXarv9SoLWjlX40RnTmhcd7jP8bYJ12nx10gRAE0Rlbtd1MUqKLMa3tIGTKIQL%2Bsg3kfKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64993886b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/fonts.css | 188.114.96.1 | 200 OK | 20 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/fonts.css IP188.114.96.1:0
File typeASCII text, with CRLF line terminators Hash0436e9f3db22a0620d049d0c2fe0f9b1 3e9e7f59d44a184520df453dcf2c7679f33cf3af b5ef58f0d83d326d052c9ac22f8ee407c25dfdf88b57a2a462de7baa9c9fbeb4
GET /sweeps/ww/giftcard2/fonts.css HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: W/"612a1700-11e"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE%2FWVPYRYBDs%2Fl8pBZOWVNyJgPeBxTMeoZNzOk05gt8IOJED3NHgM%2Fs9skkCYFFiwqxDr2yYJZcKYzyGRtdSwiNfk6XUePM4IaVYkzcyzXwXjSgeg7BqCrPSb7foMjIL3GXToX2IDwAH5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64993885b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/SegoeUI.woff | 188.114.96.1 | 200 OK | 246 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/SegoeUI.woff IP188.114.96.1:0
File typeWeb Open Font Format, TrueType, length 245844, version 5.5\012- data Size246 kB (245844 bytes) Hashee10411f11ca61338f5bcaebefbdf700 4c720d1b7f057aa38a9ac184bc209990778dc651 88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac
GET /sweeps/ww/giftcard2/SegoeUI.woff HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: font/woff
content-length: 245844
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3c054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuQV3450IYl8A55Ku41gn6EArhWN87GVylDkAu55gwDzXb0TfLcnQtTh9lJg0UVKLpFw9%2FY1wWcRwNra5nAUSrc5UpQCeFpf19BWKeryqbT1ijIWG19bMLe8qOIyfjvmPVuUZp9y9dBhdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a294ab4fa-OSL
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/common.js | 172.67.75.44 | 200 OK | 7.5 kB |
IP172.67.75.44:0
File typeC source, ASCII text, with very long lines (17150), with no line terminators Hash78b457b2f1af856085731f901d448f4d d9566c75db0d0cfdf40a9bb24987152f6d619a1c 6b02988eb8a5fbf7bf9f0d548f33b96e6756cfd33de9dd3db1698c62e1fbe4e2
GET /common.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6214ae9e-42fe"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 22 Feb 2022 09:36:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VbbeHObiTLDfS5RVIXHxpNkHVQQOq1tEwi4Q23mMHN3k%2FpvNn%2B3V5ADEjeb060XnKGSYBUnl69V4rl7Y5DpNBH80vSdaQckUCB1%2FdJUefvAZbpkdLwnosF%2FCGViSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da7b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png | 188.114.96.1 | 200 OK | 218 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png IP188.114.96.1:0
File typePNG image data, 1012 x 1024, 8-bit/color RGBA, non-interlaced\012- data Size218 kB (217588 bytes) Hash569f0618faf737c699990a7b93e5f5b0 61648e75b7583f5c77a6856d70b0abd1913b830d 2d35027ed66ca224dd911778b3862002ca70e3c5282fbc4dde91136701c71922
GET /sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 217588
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-351f4"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK2MvafL01fjMPQlNSnxuootObYBTWW%2Bt4BWDprhkvmbqsD5k%2BF33N1fuSwyMgZ7UOa1JofQMGtjJy0xcIEQT16lW%2FQ%2F8q9KsGZogfX9kmvICFh%2BKCfHWk06izUdghrcDjxb%2BFox3Xz6hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499488fb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/main-bg.png | 188.114.96.1 | 200 OK | 699 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/main-bg.png IP188.114.96.1:0
File typePNG image data, 760 x 1396, 8-bit/color RGBA, non-interlaced\012- data Size699 kB (698653 bytes) Hashadbccee0708ae3b7a71d9652fb353299 1eb43728f22ca4adfacab76009e48bcb428e2182 077376ddc9c604e63cb3b7552b415042ea1c9f408ddbe3a571f419bb83cd72bd
GET /sweeps/ww/giftcard2/main-bg.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 698653
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-aa91d"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98agrmKO1%2FySZUMzSRDHjfaL%2BOmR3nDnhRb9Ipwbs6nvvVYauyK%2FircBCJj0eYb90SYHA4XdOG6rFEBXelbqMn8B3pGfq%2B30a8UN3WDAfuDTG%2BqObOfGtTbXk%2F8uA8eaTquKxPCF9tO1CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a093eb4fa-OSL
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js | 188.114.96.1 | 200 OK | 32 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js IP188.114.96.1:0
File typeASCII text, with very long lines (32065), with CRLF line terminators Hash5d49b02ee3a3fc78f171e2bcbf1d8cf6 7d9b5e5c0ba76714f9fbcd82746b4880676349f7 96917eac1fa334b1440a16c2e5dae9fd83e63b701e099e1848aec5e90d39fe3f
GET /sweeps/ww/giftcard2/jquery.min.js HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-14e4e"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pqv8tq1vZgbH0w6hX4y%2B%2B7WtnWUb7Gq2Wjxibg4Ge1ork%2FPmASWTE1YykpZR8R5Uz6ZcAyRB%2B%2BeURNcd2vbrQ7ph25pDuG5PlRDRG%2FkzLoz4bdegYDpIhhsCsLgFXtJbmJ5%2FUN%2BkdOUNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a2948b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash67eaf80416802078cf20f6f8328ca0bb d9cbffdc1972eec762e18fb620e4efe5169be163 12c2cddb038dc58e56c84a521b6f17b66ec54427a738fb8a46a4d95ceec9abbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:59 GMT
Last-Modified: Mon, 05 Dec 2022 05:30:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
|
|
| rs.y1h1.com/load.js | 172.67.75.44 | 200 OK | 80 kB |
IP172.67.75.44:0
File typeASCII text, with very long lines (7056), with no line terminators Hashda0408753b0e7b9e2528dcb1c033f7d2 10bec373bc234d3fb229199ea3fea2112f4f550c 9d458f6dd8ddfa4b9f5ad0dd283ca62ad79c00f83a8ef907b9a62f77d32d9932
GET /load.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6311dce6-1b90"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Fri, 02 Sep 2022 10:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNa6EBWQ4g%2Byy%2FT1egxozX6fMI3g1INmSwzwXhhqbMn19gvcaTZpbagN2kNZ%2FHzkGyBBYGBRSHtFaqBA4EtfbeLmd98lYhO204KhaGOa210qvCGlAJ9gk4tkUu5MYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da6b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5f16a534222e5749ef240d413826c2f6 11683d84d420dd6f919425094edb8961278f7fed 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| t.y1h1.com/update?eventSub3=view&event3=1 | 172.67.75.44 | 200 OK | 2 B |
URL HTTP/2t.y1h1.com/update?eventSub3=view&event3=1 IP172.67.75.44:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /update?eventSub3=view&event3=1 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift8778.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/plain;charset=UTF-8
content-length: 2
access-control-allow-origin: https://gift8778.giftforyou.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BxYBq2LCHXschNrd6KcTJbBqlHymuCaQXgCyaKcJo9LNPPYtZWVdDR2VUP8l2svBZhEiXAboqdUrH1ELBaaRdXyGQikNZAUPDhBl03aJmQONycDshe7mTyVEPHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649c7ea1b527-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3906
Expires: Mon, 05 Dec 2022 06:36:06 GMT
Date: Mon, 05 Dec 2022 05:31:00 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash79c225db327a78b782f5a9512b07eaf0 398a1be3a70264d959146d6670d2ca54cdf4e91a 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3906
Expires: Mon, 05 Dec 2022 06:36:06 GMT
Date: Mon, 05 Dec 2022 05:31:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3906
Expires: Mon, 05 Dec 2022 06:36:06 GMT
Date: Mon, 05 Dec 2022 05:31:00 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3130c86c084c4c925fb9179dfa5c145d 203f27660f3885d5c1bc68a535baef4e48ff6582 faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 27765
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash8ead0ac4ce19cef2471bae0458759d89 af02fd3fcd2e10cfa2458407c0c2e59a43e18517 507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3c36448c65274ebbe1eb21e3bf02385e e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28 6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kYXmy10msfeWdDYgvq0PXyGpy9UJyQkSLAhR_Q5PQMllJPXOOTnalw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:53 GMT
age: 27907
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfddffc8edfa3ca668c8ac740d34f46c5 63483fc211cfb2808c7f37940a4065b4f4177c59 3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 27765
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash37b58bb09c00b591c2819c89e371d927 aa487f4a7767cb4591fe620592da65bde90c0aa2 9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 27237
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash557fea28a0a540d2ffdadd828e03de0b c314368e2e73dabf2c5d856e2c3e1fae610a3005 0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 27237
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/newmain.js | 188.114.96.1 | 200 OK | 20 kB |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/newmain.js IP188.114.96.1:0
File typeASCII text, with CRLF line terminators Hash864025d09a29af1423a402df4adf1b5e 7fd8c0bd34073417279562c1477795d83accd8bc b11487df90f59a73020ea1e2825bb311d2c23dbf1fd4107d3b3fc4ec9620ae6b
GET /sweeps/ww/giftcard2/newmain.js HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
last-modified: Mon, 18 Oct 2021 21:08:10 GMT
vary: Accept-Encoding
etag: W/"616de23a-110b"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWppqoxVt2DKpH8XoiRahzT76DSCMR7lJrDqosZpS5ujPeVyWhKLKlEGtIkr0uX6sxS7TKMt9buxV7UGIjcjdAH35KfY9xM6uKvebOFaAV6TooDWKhJ4sYSqRTK%2BpjJx%2FNA%2FNv%2FNM5RHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a2947b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js | 142.250.74.35 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (730) Size163 kB (162976 bytes) Hash79d18cf4265108d7cecca1bf4ada6109 e51d0285a545381d4c39e9e0292a650ffeeecbb9 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift8778.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 555663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash79c225db327a78b782f5a9512b07eaf0 398a1be3a70264d959146d6670d2ca54cdf4e91a 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| translate.googleapis.com/translate_static/css/translateelement.css | 142.250.74.138 | 200 OK | 3.6 kB |
URL HTTP/2translate.googleapis.com/translate_static/css/translateelement.css IP142.250.74.138:0
File typeASCII text, with very long lines (18670) Hash897ba9a21d9625286674da769dacc2e2 84b4923ab7dee562395160824d53496314499b77 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 05:17:04 GMT
expires: Mon, 05 Dec 2022 06:17:04 GMT
cache-control: public, max-age=3600
age: 836
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main | 142.250.74.138 | 200 OK | 75 kB |
URL HTTP/2translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main IP142.250.74.138:0
File typeASCII text, with very long lines (1613) Hash110765e1accf41111543c29721c78b52 3eeceb853d592a297162325f20f0420e136c875a b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 00:23:32 GMT
expires: Thu, 30 Nov 2023 00:23:32 GMT
cache-control: public, max-age=31536000
age: 450448
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 286977
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 305417
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100>m=2oebu0&_p=2040259985&cid=48527680.1670218257&ul=en-us&sr=1280x1024&_s=1&sid=1670218257&sct=1&seg=0&dl=https%3A%2F%2Fgift8778.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1670218258-LyLIHy%26utm_medium%3D1962%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16587014215188d458%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100>m=2oebu0&_p=2040259985&cid=48527680.1670218257&ul=en-us&sr=1280x1024&_s=1&sid=1670218257&sct=1&seg=0&dl=https%3A%2F%2Fgift8778.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1670218258-LyLIHy%26utm_medium%3D1962%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16587014215188d458%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37GE99Q100>m=2oebu0&_p=2040259985&cid=48527680.1670218257&ul=en-us&sr=1280x1024&_s=1&sid=1670218257&sct=1&seg=0&dl=https%3A%2F%2Fgift8778.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1670218258-LyLIHy%26utm_medium%3D1962%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16587014215188d458%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 05 Dec 2022 05:31:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/checkbot.js | 172.67.75.44 | 200 OK | 0 B |
IP172.67.75.44:0
GET /checkbot.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6222c2ff-1fef"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Sat, 05 Mar 2022 01:55:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4PUF%2FhS9vh7n86A9btDwUvn54inZc6oNVUyc2tTF9neeMDJ%2FeuL5m4iOHfiLX9ee8ZAEOl2pTQv4klh3MxLiL5GeH6Vo7%2F8%2BIEmWzlk8fHLADB73USt9rp5k5iK9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da3b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/trans.css | 172.67.75.44 | 200 OK | 0 B |
IP172.67.75.44:0
GET /trans.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=417
etag: W/"60837b07-1a1"
expires: Mon, 05 Dec 2022 08:23:48 GMT
last-modified: Sat, 24 Apr 2021 01:57:27 GMT
cf-cache-status: HIT
age: 32831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dVABF5hvwKQxdhvjWoiSLAZQGKv6EtZb64P4Whe3VmFvY%2FzYmXaeyhcinLr%2B56X4o1i2ipzCih6wOc%2Fd1zCSHaw4A2OyirDDgEvnSZjZG%2FIfJ6bgNFvbTuRfcEBBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649bce89b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| t.y1h1.com/recaptcha/verify?token=03AEkXODCnYp7Btha77ZWe0lbLQWT9HTpAkMF7gobEQeTplEu6n9dfCOqMjIup0SNu1gvE-8CE9ZFKtmUYds-qxd1wB7d7pnTVu-IjNyygzmbygOB4FgVyRKwga8lqe5JFj4l_hFIOgOv76GzdtE2WcgPUazqhh3_KtKvSMJnqc1JQUl7zFFlCca_BurPpC9oPd0IDpO4rEIlufgUjPR7_tCNurFobocu85uK_fLFxK6AF6xCKmBIpgGJnvkP82aiVDsBAXBlajnyqfn84Vig0D3UatWDNll9Qgse78cNasvQ0Byk-XUUcM6Umm4yg3WkO6idcmO4NRoNEhpSz9B7pQ7MgagvG2t_kjq_asPV6rHYl8gE2BW66WBPV47AnxaMehM_hvrh71exn3F46l0VWy7cef8yMoRINXxxIiIXifJkHK7GwPKpq119W90t_LGc0V9Jruw3J079NWejQ-vPp_7ElF44qbXb38TIGN2kKE4oRuC07duebNjzYAfTslbHBMU2EoUkX8OYS&vid=1670218258-LyLIHy&eventSubField=eventSub9&eventField=event9&botScore=0.5 | 172.67.75.44 | 200 OK | 0 B |
URL HTTP/2t.y1h1.com/recaptcha/verify?token=03AEkXODCnYp7Btha77ZWe0lbLQWT9HTpAkMF7gobEQeTplEu6n9dfCOqMjIup0SNu1gvE-8CE9ZFKtmUYds-qxd1wB7d7pnTVu-IjNyygzmbygOB4FgVyRKwga8lqe5JFj4l_hFIOgOv76GzdtE2WcgPUazqhh3_KtKvSMJnqc1JQUl7zFFlCca_BurPpC9oPd0IDpO4rEIlufgUjPR7_tCNurFobocu85uK_fLFxK6AF6xCKmBIpgGJnvkP82aiVDsBAXBlajnyqfn84Vig0D3UatWDNll9Qgse78cNasvQ0Byk-XUUcM6Umm4yg3WkO6idcmO4NRoNEhpSz9B7pQ7MgagvG2t_kjq_asPV6rHYl8gE2BW66WBPV47AnxaMehM_hvrh71exn3F46l0VWy7cef8yMoRINXxxIiIXifJkHK7GwPKpq119W90t_LGc0V9Jruw3J079NWejQ-vPp_7ElF44qbXb38TIGN2kKE4oRuC07duebNjzYAfTslbHBMU2EoUkX8OYS&vid=1670218258-LyLIHy&eventSubField=eventSub9&eventField=event9&botScore=0.5 IP172.67.75.44:0
GET /recaptcha/verify?token=03AEkXODCnYp7Btha77ZWe0lbLQWT9HTpAkMF7gobEQeTplEu6n9dfCOqMjIup0SNu1gvE-8CE9ZFKtmUYds-qxd1wB7d7pnTVu-IjNyygzmbygOB4FgVyRKwga8lqe5JFj4l_hFIOgOv76GzdtE2WcgPUazqhh3_KtKvSMJnqc1JQUl7zFFlCca_BurPpC9oPd0IDpO4rEIlufgUjPR7_tCNurFobocu85uK_fLFxK6AF6xCKmBIpgGJnvkP82aiVDsBAXBlajnyqfn84Vig0D3UatWDNll9Qgse78cNasvQ0Byk-XUUcM6Umm4yg3WkO6idcmO4NRoNEhpSz9B7pQ7MgagvG2t_kjq_asPV6rHYl8gE2BW66WBPV47AnxaMehM_hvrh71exn3F46l0VWy7cef8yMoRINXxxIiIXifJkHK7GwPKpq119W90t_LGc0V9Jruw3J079NWejQ-vPp_7ElF44qbXb38TIGN2kKE4oRuC07duebNjzYAfTslbHBMU2EoUkX8OYS&vid=1670218258-LyLIHy&eventSubField=eventSub9&eventField=event9&botScore=0.5 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift8778.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:00 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://gift8778.giftforyou.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTi0LiRqQLYBKhcYJIJ%2FZGOnXhzNW7dK3otTkPYMns9p3QlQcUT93fb%2BsSutTMXiVt1u26dsoSklqf9FxGIKeK%2BEMF9nYvevPhCWkFo%2FRJ3skHrVz7hB91iWAbLz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64a1fa4cb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 188.114.96.1 | 200 OK | 0 B |
URL HTTP/2gift8778.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP188.114.96.1:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjRfyf6p4YYUlhBnXIUBXPEYc2bRwUuykGumUhjEOJWXtEJbi8J6rNTwVKMj%2Fb62meFAKTFqafrWwxTeCVvp14TsIWoQFoRYhQpbCYI4KhKxABmvKQbUHEoSziyX3K2Y7omEul3wElZUEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958abb4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 07 Dec 2022 05:30:59 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/push.js | 172.67.75.44 | 200 OK | 0 B |
IP172.67.75.44:0
GET /push.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d4671f-2950"
expires: Mon, 05 Dec 2022 06:52:49 GMT
last-modified: Tue, 04 Jan 2022 15:26:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 38290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yRi62sj508qcNFLS%2BLUX4oHjRhwn5jxPcHS25QTuuy3L%2BUQFtERQUaxxBER4aT8JkbW73ebGc0rFvpJYgzy%2F3pqqpoX8inOOlhzgRvV9Ilpf0KrYLCViYVHsDnOxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649bbe83b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/copy.js | 172.67.75.44 | 200 OK | 0 B |
IP172.67.75.44:0
GET /copy.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6308a3c6-ea8"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Fri, 26 Aug 2022 10:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdidTJwRKc%2FEO0l9ELmc%2Bzp9xYfWx03GM%2FhWdpMV0Etydqtwe2iKB%2BtHc2CeevwMx80C4YacJszc4StgChGInKP%2Fz4EYcyNepnWl8QRMYSBzZ3UvRdkEjwrRV9lA5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da2b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2 | 188.114.96.1 | 200 OK | 0 B |
URL HTTP/2gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2 IP188.114.96.1:0
GET /sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2 HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5pxztAxMbWjGr8P1NiIq3ZH9gAVk%2BWyfmCKqnhTxdk%2BytUD44Eg3jeRAdE8Er%2BtDz6zszNx1W%2B8yFMTdNF5pgBOQTmEG9Ablc8WKI7m2mz3amIEab0859y1Qf3FIPJnIznDd%2F9yqgm6pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64983fd6b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|