Report - gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2

Report Overview

Submitted URL
gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2
IP
104.26.12.100
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-05 05:31:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.240.159.184
rs.y1h1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	96 kB	172.67.75.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	48 kB	34.120.237.76
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	164 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.7 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	911 B	543 B	216.239.32.36
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	33 kB	142.250.74.35
gift7127.goggle.vip	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.9 kB	172.67.71.125
t.y1h1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.1 kB	172.67.75.44
gift8778.giftforyou.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	1.4 MB	188.114.96.1
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	846 B	81 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	goggle.vip	Sinkholed
2022-12-05	medium	goggle.vip	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	rs.y1h1.com/backbutton.js	4.8 kB	2023-03-07	2024-02-23
Pretty URL rs.y1h1.com/backbutton.js IP 172.67.75.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-02-23 05:44:19 Times Seen176 Hash 8918c66d03736c047f765824b6f599f0 97ba02df4c93fd5edff7182e09d867398d5dd7d6 41e9f9514444fbf97421e59d1fe250d2999da2f96657379a41b681a2a000b824 Loading...

	gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2	48 B	2023-03-08	2023-12-08
Pretty URL gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:27:45 Last Seen2023-12-08 21:06:35 Times Seen19 Hash 1cf52442ced812388c16385f5412f1d9 915b2c8431a8db17b36dae7789956a5b5e050eb9 c06df7eafb226a6144ce35a3bbf513299e9d94c0a3d976cb7b203648d0dab364 Loading...

	rs.y1h1.com/trans.js	282 B	2023-03-07	2024-02-23
Pretty URL rs.y1h1.com/trans.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:42 Last Seen2024-02-23 05:44:19 Times Seen145 Hash 823b65b6a0c5875866d8bb0cfbf57c1d 36348c6e35a67f5b64ea824454fcf49c00d4001a 20e31ce62f6843a9580c83dcae8a317da240f88607b572b87ac5886df130b17b Loading...

	gift8778.giftforyou.top/sweeps/ww/giftcard2/newmain.js	4.4 kB	2023-03-08	2023-12-08
Pretty URL gift8778.giftforyou.top/sweeps/ww/giftcard2/newmain.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:27:45 Last Seen2023-12-08 21:06:35 Times Seen23 Hash 3b2681f3ab28a976311d724cd06c72ab fb5134f8c92a45779c54b44c3e8f3058b895b32c fd847f161a4f61ba58d0e50146bafb435aa5b9fcd48aa6f2c00434f9f41798d0 Loading...

	rs.y1h1.com/common.js	17 kB	2023-03-07	2024-02-23
Pretty URL rs.y1h1.com/common.js IP 172.67.75.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-02-23 05:44:19 Times Seen275 Hash e82a7475219924f096429f180b359bfb 914006151a4b38056a5ab70a51abfb389bc7b7eb ecfa449cbb48255f0ece7b436e2015299b9e6adceb9f4df863a9ce36eab71278 Loading...

	www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y	884 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:09:44 Last Seen2023-03-11 21:39:21 Times Seen1 Hash 6c5cfbe6704c5e11571428c059f0ca55 86ad811dd86fcb95820b9d147f3a9bc9d39d0a6a a9e15752c83a48bd3eb053e1fa6a7c0a778b2c3df42a7cfa6eb1b93653b7013b Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-26
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 20:22:36 Times Seen14195 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	rs.y1h1.com/checkbot.js	8.2 kB	2023-03-07	2024-02-23
Pretty URL rs.y1h1.com/checkbot.js IP 172.67.75.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-02-23 05:44:19 Times Seen275 Hash ce0c2c4ee0cb0c547667698772dc25b1 7fdc7c61cf11d289c270ebe3c23032667d010e53 b2b11e955ad96caa642a0b963217b7a9e81c66ca8bcf0fe15b8ef0ea0d565d31 Loading...

	rs.y1h1.com/copy.js	3.8 kB	2023-03-07	2024-02-23
Pretty URL rs.y1h1.com/copy.js IP 172.67.75.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-02-23 05:44:19 Times Seen277 Hash e8b6c2f6a93914adfb6c0ee4e3dfe046 9d261977b498029390d716a9b28290463b9256f5 29daea46fd37a5f226b28e122dbfe919646b40a1aeeb5f3318a12d375bb11b2b Loading...

	gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2	19 B	2023-03-07	2024-02-23
Pretty URL gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-02-23 05:44:19 Times Seen39 Hash 1d12f2533e48099e1c99d70f424ba5a6 3ea9c3e4751bccb351a6b10e8a53fdd04c3fe5ad 34a4f435431f9632ea83d3fb48e95a5bf0714226b97d57dea5bed318727c5f7a Loading...

	rs.y1h1.com/push.js	11 kB	2023-03-08	2023-11-23
Pretty URL rs.y1h1.com/push.js IP 172.67.75.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:27:45 Last Seen2023-11-23 10:24:33 Times Seen152 Hash 4a568f85d11889822f26b08482ee21c3 7c35fda13f0b17cc4e60c45fea86442df7c5521a c178f126914823c68206687d0d4dc373420df2911d4d108ade20f29d08c8e222 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	76 kB	2023-03-08	2023-03-08
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:35:38 Last Seen2023-03-08 16:36:28 Times Seen1 Hash ecbd7df37e2ff44c1978a77a28f6cf73 d852214f5ae558bd9166f75a8ef1fbbca23f1002 cd3831bd039398cd595ecff43f113f1f79f5da7387bfa449f8fbb80c94b71ce4 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0ODc3OC5naWZ0Zm9yeW91LnRvcDo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=dldjy4oi0up7	35 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0ODc3OC5naWZ0Zm9yeW91LnRvcDo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=dldjy4oi0up7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:35:43 Last Seen2023-03-08 16:35:43 Times Seen1 Hash 23cfe54c49ec2bb47b15716808036791 3bcaabb68a82c1f127f6765f07bf59bfc52b8036 ce8d2b1fbadc24b36f54e134702660a052bf6f454329144ada59aabb41b67f61 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	gift8778.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-27
Pretty URL gift8778.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-27 01:04:50 Times Seen43144 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	gift8778.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL gift8778.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-04-26 16:33:31 Times Seen6504 Hash 710458dd559c957714ac4a8e95357eb5 f694238d616f579a0690001f37984af430c19963 b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365 Loading...

	rs.y1h1.com/load.js	7.1 kB	2023-03-07	2024-02-23
Pretty URL rs.y1h1.com/load.js IP 172.67.75.44 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:17 Last Seen2024-02-23 05:44:19 Times Seen275 Hash e2494b9cd7f26ba05e504ab12aacdb89 d3224387f27e022d556f4ecd6b3aac9485bd1362 eda9e1ca8b96059ca3ed3cdd8f1e6822a8ef23604293b1cb914117caa5371d94 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:01:55 Times Seen37108503 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main	211 kB	2023-03-08	2024-04-22
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2024-04-22 16:34:28 Times Seen136 Hash 416b0fc07995be8d2b5b67aba46171b0 dd355df12143ce031c19ed0b2b8bf512b6c7d5f1 99a05e6c4657850662d766688752248659646b186aff567879d5d159812d1904 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0ODc3OC5naWZ0Zm9yeW91LnRvcDo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=dldjy4oi0up7	69 B	2023-03-07	2024-04-27
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0ODc3OC5naWZ0Zm9yeW91LnRvcDo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=dldjy4oi0up7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-27 02:01:45 Times Seen99640 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1d8533a4fb344159c56557e4adea0c82	16 kB	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 1d8533a4fb344159c56557e4adea0c82 866ad1804bc5f2cd4cd95e73a0684b33b70a13d1 b2114ca8069486d06bb9a9a5f5547e7cfe4fe5ef5447857d285247e2d41bf138 Loading...

	#2 Eval - 51d7e50dc094e185c0a4af6e3af6c552	18 kB	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 16:35:43 Last Seen2023-03-12 11:14:44 Times Seen1 Hash 51d7e50dc094e185c0a4af6e3af6c552 cf0059bfb00173174672a2f4527bd3e31f27c8fe 8f3eec0b13379c9d36f178898c877fb215c1ca77394973e1b5097760d42f53f2 Loading...

	#3 Eval - 9027de80c706edfca79202845a6c7552	22 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 9027de80c706edfca79202845a6c7552 2c1e881e00159b49b7b241bd17f93c1788773d2a 77363f7986be93a204a91ba121d26532ec35e7bc651b2cbd5ebf69096ed33f78 Loading...

	#4 Eval - d276a813167b497c4a90d8fd4821c67b	64 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash d276a813167b497c4a90d8fd4821c67b 49c6aeaf4992e439e2b89ff75e95f90c685fb815 115c2cd05cb70229863899ca2e056679642ce900998f36d057f93d4c40332a56 Loading...

	#5 Eval - 3546a3cbd082296d178d798889142a9d	22 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 3546a3cbd082296d178d798889142a9d 79a87def07861d9335bd36a9f5a15e653acf882e 394d9c39a1fb60f7b8bc78d73d3bfde8cba8a5e839a15101f37fe539d8983623 Loading...

HTTP Transactions (75)

URL IP Response Size

gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2

172.67.71.125

301 Moved Permanently

0 B

URL HTTP/1.1
gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2
IP
172.67.71.125:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 HTTP/1.1
Host: gift7127.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 05:30:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 06:30:57 GMT
Location: https://gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH4OaEKX560i0LCRhnDKyhNZ67wfBc9Qwyc%2BzIUid1o8fRN2B5RxV9uXdDElDxf2stnTZscyiXPVUApXY1ULaFBspd7nGH0KSn%2BBn20pnMRLpwWSUOzcTCuEIb%2FfHbUNFFwIPe0G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774a648eac83fab4-OSL

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5923
Expires: Mon, 05 Dec 2022 07:09:40 GMT
Date: Mon, 05 Dec 2022 05:30:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 540
Cache-Control: max-age=104960
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:57 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:40:17 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2164
Expires: Mon, 05 Dec 2022 06:07:01 GMT
Date: Mon, 05 Dec 2022 05:30:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 05:20:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 644
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kFZMis4Hxfxl6Cf4r3kHNqknz5BOZadzHZFLvwTIZihVyT1ct3nYEVrLQdmfVSgU50xG7uNMhqk=
x-amz-request-id: V22FM4RCNDZ9KD6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:16 GMT
age: 2621
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 05:30:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
db3a7a835850d29f73d539bca13fbf71
73ac03148286bef3e4b7eae537a0fe79991a7a7a
a9be93a07d46c2a66f335d712ddefec393b6cae451238e78c9dab1e259aff2eb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161616
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:57 GMT
Etag: "638d5661-118"
Expires: Wed, 07 Dec 2022 02:24:33 GMT
Last-Modified: Mon, 05 Dec 2022 02:24:33 GMT
Server: nginx
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 05:08:58 GMT
cache-control: public,max-age=3600
age: 1320
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
67eaf80416802078cf20f6f8328ca0bb
d9cbffdc1972eec762e18fb620e4efe5169be163
12c2cddb038dc58e56c84a521b6f17b66ec54427a738fb8a46a4d95ceec9abbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:58 GMT
Server: ECS (amb/6B96)
Content-Length: 279

172.67.71.125

302 Found

273 B

URL HTTP/2
gift7127.goggle.vip/sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2
IP
172.67.71.125:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
273 B (273 bytes)
Hash
ed0391e4ea011a4829aea41a598c86e4
10648a982f102e106aefac7dd53d23ad30b6bb4b
f887a733ee25010a05c382efac45e06e81381f156034ab6aae2d93c09348ebc9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sweeps/ww/iphonesurvey1/index_en-us.php?vid=1668938253-vurzlf&utm_medium=1962&utm_source=redirect&utm_campaign=0_autosmartlink_auto&utm_content=smartlink_with_push_randompub&isp=google%20llc&city=mountain%20view&br=0&sp=1&iw=false&checked=0&trans=1&ipp=0&lpkey=165c687793ec886053&ck=2 HTTP/1.1
Host: gift7127.goggle.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 05 Dec 2022 05:30:58 GMT
content-type: text/html; charset=UTF-8
location: https://t.y1h1.com/visit/5d282e030142b6000661240f?type=lpKeyError_Type_1&srcTrafficSource=redirect&srcCampaign=0_autosmartlink_auto&srcPub=1962&srcOffer=smartlink_with_push_randompub&exid=1668938253-vurzlf
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li%2FilmO3L%2BSXWFHCmcuxPL%2FWTE7Dp%2FM7bSwdxNFWy0Qh2eWQ0qp6Jx5a3RkgVxEztbh0ga14fbQcnVAWhnRSHR%2F%2BA%2F58XdquYUclp86zHq3id7YBbwWoG17Ax5fPENvdpKmn8b%2Bs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64910affb518-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 525
Cache-Control: max-age=99878
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:15:36 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218258-gKRBXN&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=1962&type=Cloak

172.67.75.44

200 OK

416 B

URL HTTP/2
t.y1h1.com/visit/61e55f98081ec20007c7f606?exid=1670218258-gKRBXN&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=1962&type=Cloak
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text, with very long lines (416), with no line terminators
Size
416 B (416 bytes)
Hash
9e84c6817cadf3197c5fa0f5ee393fa2
89fe8dbf5b933b5b0d51bdca79b5fa3dc2bf0742
ed5ac8c826fd24508ac5964d54d800dae748ef56251a7a66a10b2ff7a30fd354

HTTP Headers

GET /visit/61e55f98081ec20007c7f606?exid=1670218258-gKRBXN&srcTrafficSource=Redirect&srcCampaign=0_Redirect_Auto&srcPub=1962&type=Cloak HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: vid=1670218258-gKRBXN; lv_5d282e030142b6000661240f=1670218258-gKRBXN; vn_5d282e030142b6000661240f=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:58 GMT
content-length: 416
refresh: 0;URL=https://gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
set-cookie: vid=1670218258-LyLIHy; Path=/; Domain=y1h1.com; Max-Age=604800; Expires=Mon, 12 Dec 2022 05:30:58 GMT; Secure; HttpOnly; SameSite=None
lv_61e55f98081ec20007c7f606=1670218258-LyLIHy; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:30:58 GMT; Secure; HttpOnly; SameSite=None
vn_61e55f98081ec20007c7f606=1; Path=/; Domain=y1h1.com; Max-Age=3600; Expires=Mon, 05 Dec 2022 06:30:58 GMT; Secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BiShja%2Fuz96xFlqVHJiMZtOdEva1y0owHfR3oqCRAC%2FS3jiSxMv3Nx%2FAZb9QgoYTgleh9Gy4NCoJ6u8tQd4AH3Ae65uO6I6hnCRMbtJyVf7fEQ6IVQpLB6%2BGvGg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64946c87b4fa-OSL
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.240.159.184

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.159.184:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DOwWGbIsfEzcq2WVRf4EVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vac2wDRdEQuYgcnMx31ZltyZikw=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cc7350d668e793b5e31da2274317c19e
7c2436dfc888adf9cddd5fa63107909d78597df1
ee94c99d8ff9df99e637656a0293b9d1b293a17505920d043ad08c106290ebfc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170303
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:59 GMT
Etag: "638d7852-117"
Expires: Wed, 07 Dec 2022 04:49:22 GMT
Last-Modified: Mon, 05 Dec 2022 04:49:22 GMT
Server: nginx
Content-Length: 279

rs.y1h1.com/recaptcha.css

172.67.75.44

200 OK

28 B

URL HTTP/2
rs.y1h1.com/recaptcha.css
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
8f48e083a831bd16da0aada175478aaa
df342632e700b5453c189d3129a1e7c5a27598c6
ec8e585ab06e164d11e99adcf9b18d3074de0ece7c922fc6cc99d86fad4d9ea7

HTTP Headers

GET /recaptcha.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
content-length: 28
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=31
etag: "5dc0edfb-1f"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 05 Nov 2019 03:35:23 GMT
cf-cache-status: HIT
age: 144
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDI8qTeQej1TYY%2BQSTKUv01FmnVqZfOWc5y0%2FMDna8nktbLW5rPl45OUD1WqacsCPw4Tw1Yx%2Bwv6Bz2xeRu2dQsmOO4nYDPjNjKj83BZ5YF%2BOkfroDy1NLg6XXQtyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64996d04b4f9-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/menu_2x.png

188.114.96.1

200 OK

15 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/menu_2x.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
15 kB (15194 bytes)
Hash
8714f78a15df3b8769c66518ad411404
4f1c074c4f7cd824c4e0a7a06a4f36838ec57bc7
c1d04143995e571804cca18baa14b05794545f77171d6697abde9ac432db57f1

HTTP Headers

GET /sweeps/ww/giftcard2/menu_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 15194
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3b5a"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwS0EsYxMZ5tAEOj9tF6BLBAJf2eyHsM%2FxYHAhtSPbddjvL3FPqlmQFQh5AZqXixKJ7M3GNspuEon7%2BQ7wNxhJhJJjb4tA3D07NuFW6DO%2FT50EHZkAfBOJAfeBlTqX%2FmoVf3yDBAMkl3BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499488ab4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_2.jpg

188.114.96.1

200 OK

1.2 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_2.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1216 bytes)
Hash
f9299c2023539a8f27a6e1b12ed260e5
046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

HTTP Headers

GET /sweeps/ww/giftcard2/like_user_2.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1216
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-4c0"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtmhDyChEHEIpzwWmxVbRLnJV2b3LjuOaL0RB5wtbJJJUnppUh2GcKVnw%2F2%2Fwf0ZxwzyzDm1fan8wQT3Sxw5iCVhFmOnLRLS9aJRfWEQ6iDhO8PKd4S%2Bwm%2F4cysYAvYocb6nccBoySImIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489cb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/prize2.png

188.114.96.1

200 OK

7.3 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/prize2.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 83 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7264 bytes)
Hash
d1fea41e41e0b65df696294be795b34f
46f37e9ac56617cf366adddf2ed2389b5b6dae0d
3d89d40b25c079be8baa42705fcd9c35933b6fd1456c66e849c3fdf37aa3856f

HTTP Headers

GET /sweeps/ww/giftcard2/prize2.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 7264
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1c60"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBtH3vV4DLT7BiqOELukHVea%2F7U2ZqPT48Ecs0XUnL%2FvH4tofNurArzg1wnEM6Szopu7ACslyK95zqJHdmf4sQcV0dsCmZev4gNfy6gtHi5Fg%2B4xqw9YffSPZNhKj%2BdIW0JcbTFSxBUL7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994897b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/4.jpg

188.114.96.1

200 OK

1.8 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/4.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.8 kB (1803 bytes)
Hash
59389d99986c2c273716a3a8318d137a
fb4182ad157fd847a0e454263fb1ce981751ae8e
a76e62e7aa1c08feb38cc3203ec6ae986bb5bfdf1820dd42b256061fa2a0990f

HTTP Headers

GET /sweeps/ww/giftcard2/4.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1803
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-70b"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Oan6TLO9qD6U8L7ZfW9LaCLkPSHrNVjQduaTHtcq3e%2BVDRX5DkJr2UfGOAQNHMKhDWhM26KM9j%2FdL3UDhFNEPoVavBGHax7gF5tko4o%2BNXuT501GHnENzcDjfHADaMt28DDZYtbnFvitg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a5b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_1.jpg

188.114.96.1

200 OK

1.3 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/like_user_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.3 kB (1293 bytes)
Hash
2aa0d43e70d60d76ac4bdff139f8c7cb
d7e3433297ad90f5d99249aee29b645265c9f3eb
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

HTTP Headers

GET /sweeps/ww/giftcard2/like_user_1.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1293
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-50d"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trPmJoN2CPQDTeH3rqljhceTTExMBayV%2FjcQgpA7fBSjm3J72URlrdyV2sexXCKI0J2AIfZVmymboHA4UHqFID97DKB3yoOhtZGZHzL%2F7OH8rdueXN4n3VXG6RzaTWzIs690w5SCf%2FwoOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489bb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/2.jpg

188.114.96.1

200 OK

2.2 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/2.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
2.2 kB (2182 bytes)
Hash
7af1c5ea7c34e1748aa8e4ac65d26256
506ccb8359f870d196643c85c38a8739e044b78b
afa0d114beef551ec69b8a3bf82f292729b7e8930f022a83bd68bec11e5fe474

HTTP Headers

GET /sweeps/ww/giftcard2/2.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 2182
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-886"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HMkQ4wyn99Z2mAYiOWBiOrju90J23%2BnsJNCXyeGLQ%2FwLc9JH9dmPCkcc0ehj4edYywRUtm%2F7%2FrDU7FbTue%2B0Cb2tFyG0E2IQQjFzRlD1XVQ4RQk6%2B2j3RL5Af34UVoxs21n0Pgc%2FmRU%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489eb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/1.jpg

188.114.96.1

200 OK

1.9 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.9 kB (1863 bytes)
Hash
7c4c03a240fbd38d376111329cb3399c
429f149a2f076040c32d328f89b2099308835d70
1ad68d21bdc5d7616e0ea09fda1fe683ac7ff548e3afa35680de2614dfbee051

HTTP Headers

GET /sweeps/ww/giftcard2/1.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1863
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-747"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1a0B0vWfkqcYSLFvir7Cd3HqM%2FdDVxEZpmUqEHKKVFYzEiOLxOiE3cfekLvqUP19UQ9zhzo%2BrdUhPS2i9a10AKPrLBUtchkDw0Cw276oHxChhlFILm0AnCp5EVzRhoPFPs0NBSKGWAL3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a7b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/footer_right.png

188.114.96.1

200 OK

6.8 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/footer_right.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 118, 8-bit/color RGB, non-interlaced\012- data
Size
6.8 kB (6825 bytes)
Hash
ed8f956b5be34d80b8b6320dc43741ab
8448e9bcc591804bc820944e6cc073cf363d005a
1f69493b3c8fa89a0f217632374effe57b80d981d1726604e1283b9d3663abd0

HTTP Headers

GET /sweeps/ww/giftcard2/footer_right.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 6825
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1aa9"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci6RLx59M1l5ltWSpMQWvop6DmGrWcSl3aMHPwyxAMA7NKSE5elmYuzVwUTsY9mXGxW%2B5s3gVfoPYffUv1m4uSWqiKAIR4qy2MSAXgvY3soNbwTnFHPg1VQ3xFfM4c9dqhoEUFr8QlMPlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958aab4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/8.jpg

188.114.96.1

200 OK

1.6 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/8.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1561 bytes)
Hash
c31e3d6f2d5d38af20fee54b89568db4
38570ab4bd66cf8421877b46486b106beb925787
49194aa4fbfb6dfbeaa47328bd1a721e96c80e7d78cb8a6a15febb7a59d1c9e9

HTTP Headers

GET /sweeps/ww/giftcard2/8.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1561
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-619"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrKsrYS8wZNmrxCFNdj3oTiPxif%2BwdJsPmpaeqg1uEadAJ1D3F0ORk7l8dtoDqRea9wOd%2BTC3QvPFC8%2FSYXKKoqx3Zn6rh1Rvizq2vOktmbonT0%2FISHepIweU7PLUx1aoFHMLvJhCgtvbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a8b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/clip_footer_3.png

188.114.96.1

200 OK

2.5 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/clip_footer_3.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 52 x 59, 8-bit colormap, non-interlaced\012- data
Size
2.5 kB (2460 bytes)
Hash
e1b626392882cc25b4d891afaa68afd4
454d7abdbc2548d04feb95436ea0ab4126b4f00b
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f

HTTP Headers

GET /sweeps/ww/giftcard2/clip_footer_3.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 2460
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-99c"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0g2upamAmVMKOEDxHaWlndOyABHOjRFdlvb9nnPUZPowGsXbyJwIfnO4kN9bqxU6J%2Fkk7S140WPlm2P4ZvSTITy5QTlTl0M9sfwYGDX7dYBtc76AjfwzWZ1g6cCvLv%2FX1pAWSGY42JsISQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a9b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/6.jpg

188.114.96.1

200 OK

1.5 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/6.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.5 kB (1495 bytes)
Hash
5cc7c7967e306b120f82fd0db3b457f6
db91fe10bd961a81c0cd0862c5f4836a50e44dd6
5f49dbcc11d1704c3f66ea256fc589c602cee87fea1f10d2d24181aeaf30ec14

HTTP Headers

GET /sweeps/ww/giftcard2/6.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1495
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-5d7"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdoNmSryuyVIviMLkfHTR2VCoZcdzSYek6vE4PY0wKWZZPyxOaabT8sMVhd4YvtLh0ereJRHEHF%2BbJrB%2BBCWFoaLFIOFcqAAGK6ffvs8hEKtO4VK7T0PFglGaz95tTOl7H626ft9AENT3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958a6b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/gift.png

188.114.96.1

200 OK

4.1 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/gift.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 84 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4051 bytes)
Hash
9c8a99f8106a7e0c99be0e2333301537
ff30510621a4e58a72b2adaf5270fed28c944307
4fda556b7901692f8165abb1f7eea0a42f5fc54d0d2b257e8daf5a30b0b8c9c3

HTTP Headers

GET /sweeps/ww/giftcard2/gift.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 4051
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-fd3"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3KF01Zt7MnIwbd%2BWHUaXI3J2S8wwPBSA2SJkBsAdpQUD2rORjOCeMuAYcUT%2BBDpuDLgY%2BSBAWlLqGWfiuGen%2BT%2BMmQtJvD%2B6%2FQfSrJqhTua2rObMK6cmkFlMbIZTRJptRe2M0eoeIqY7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994893b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/3.jpg

188.114.96.1

200 OK

1.6 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/3.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1648 bytes)
Hash
8f52afa9e7a247acf53632fdfd62aa21
45fa6dc2c4bc5f134bcc59bd1b80214daac8f84b
58db8ee68cc5c89b372646ed7c7ac68588fcf2635452a831470e6a572bc49842

HTTP Headers

GET /sweeps/ww/giftcard2/3.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 1648
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-670"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ukrnf%2FqkXvm4MA71XiqXVlwe7ywkaJqpVBL83jadhk3DliLnseoHPAGZ1dgbTaef2EoLnBPV%2Fo1rTD3ZAV3QmGvlhzEO1AKfK4SIts6iTZ4ucTbNOyyAmTUpEAbc2Ucl7LyvHsyt6iHTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489fb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/loading.gif

188.114.96.1

200 OK

5.1 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/loading.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 50 x 50\012- data
Size
5.1 kB (5139 bytes)
Hash
f4f031edfb2f37765dab11b35eafd026
1901e655edaaf84a56454516189adfa72c1630a4
835f56bb96eb76384dc480bc6c866efb1980d4a36ad42fbc82e46d9167542050

HTTP Headers

GET /sweeps/ww/giftcard2/loading.gif HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/gif
content-length: 5139
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1413"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLLIB3IctQ8JNMnbU6R5f5zCvlYw6YKF7IHwAUuzw2XeijGOMDww79jQYhRkz4WaEsqO2tZDeugYbMSdNo3%2FqjJmyOJ79DoHOmdp7mOmiofn5hbE6vP999K7XmWO47TkuEnxgErBbFSOwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994890b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/7.jpg

188.114.96.1

200 OK

2.1 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/7.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
2.1 kB (2095 bytes)
Hash
3641990a28227bb5ed59021aff1d14e3
e6897de78a1019809f344f738a8ce2e757e10cef
8d7dc01c529864b54f1d3e7bffb73649056cea39a1907daadc18254e139c2cd6

HTTP Headers

GET /sweeps/ww/giftcard2/7.jpg HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/jpeg
content-length: 2095
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-82f"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kjAruuEpct%2Fd2v15l8ae%2BnSq1qMtJyS%2FkZut%2Be9yOjBJog4r24zV2KvIwjU0afz07SnQkVC6mjlYA8F28hoXafEpm5Ih6exYsYZ9y%2FgcCcwrWDiJtFZgOXSPYHomwjAI6i1N0g5rrV7XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499489db4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/prize1.png

188.114.96.1

200 OK

8.2 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/prize1.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 86 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8215 bytes)
Hash
6290cff800ceb96ee20d5a19d0664880
ec920e4a2ecb24a6efec0dd55dd72f636c198d29
d110d7d2f6ea28a3f3e757b7d73f88d9f8d5b2974cb46b4c19e9bed9afc7d5e6

HTTP Headers

GET /sweeps/ww/giftcard2/prize1.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 8215
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-2017"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6bu3pOd936WaYDdEjVuY3aIfLTbdUdShFHEBbc%2FokLu1vgLgvhzf3RFjAOaHetp1I3ho%2B4wH0K%2BOVG8p6bDFMUXOirvHGWG54PRKafRhpdgPb4PosWOzsKup1QNMIGqcCEukh8ttifCsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994895b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/comment_action_2x.png

188.114.96.1

200 OK

641 B

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/comment_action_2x.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 24 x 120, 8-bit colormap, non-interlaced\012- data
Size
641 B (641 bytes)
Hash
e9b3872b3e63e19728176d45f0aa6986
b638f89d5d80c4cd65327da973c52f778e30bd55
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5

HTTP Headers

GET /sweeps/ww/giftcard2/comment_action_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 641
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-281"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cneHOk9QBWJqgbkqE0epdyU%2B9SrQkNE%2FSOORym%2FgNFSNqspeWp5SKNKIRBKovgZQSKDCEVuMInn%2FQMwwDcN%2FibI%2BeNkJwOmzxpnwYFXgdNIdyg60lkChCffPwUGhCk7t2y5aHKU8l3PW2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a1943b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/action_icons_20px_2x.png

188.114.96.1

200 OK

1.7 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/action_icons_20px_2x.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1726 bytes)
Hash
b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e

HTTP Headers

GET /sweeps/ww/giftcard2/action_icons_20px_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 1726
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-6be"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eu29nSxW61guJhIKCaQFBllU3RfmT9%2BPfTUkmXCajo9GLsEBkbBadlRuipLheHOXyxTjQHCYER19i3D500%2FgyMtWioiuWaLHKTVER5vMb9rZ9c3s0Ug0waw4Lv%2BvbiOi6f3YkH%2FjRruqXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a1941b4fa-OSL
X-Firefox-Spdy: h2

rs.y1h1.com/backbutton.js

172.67.75.44

200 OK

2.6 kB

URL HTTP/2
rs.y1h1.com/backbutton.js
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4816), with no line terminators
Size
2.6 kB (2632 bytes)
Hash
04ec0b8371d611c8e68dafaa5cd27b50
2a24f4e4f559b1fbc0f2d6395ecbe3762d0b5105
1abbd689f13fa451d6958e410d05285ee01c1c0e5a7d415a9c27f7738628c6dc

HTTP Headers

GET /backbutton.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d46677-12d0"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 04 Jan 2022 15:23:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWKDlYFsK9L8ldfZ%2F9xZCLsLr83M2diyGFK7Uz1OMXGdSXzsaQsB%2Fb7UE2WAzMr2Gw%2BstPtfuimdN57SkHusqg047fypO50eB1leLmilAxhGBTktDiNDKvEDiBYvzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da4b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/pw_ix2.png

188.114.96.1

200 OK

74 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/pw_ix2.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size
74 kB (74474 bytes)
Hash
b9df5f56ef0c73de5d98acb6463a5663
935ed05378fd9461d074079f43d53187423138ff
5265aaacece3998b6363becfdd7e2a32eb53fb0a292e618701c2dc56a2405f93

HTTP Headers

GET /sweeps/ww/giftcard2/pw_ix2.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 74474
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-122ea"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW6Bcy4CpJ6tJXFZ5UE9UQpB26K6ne8Tf0%2BbHkuMq9Xq3Bvy8nSBHgBeqYYHPtyrubGT%2B38xZOE5glMkW99y%2FyAhDH2B%2F1OF7HAag3dM2%2BSuykAOLbLDdaenSUanrt919EuDdxp%2F%2BCNNeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64994892b4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/notify_2x.png

188.114.96.1

200 OK

1.2 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/notify_2x.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 56 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1157 bytes)
Hash
f13fc2443b52ebc1535d3005ddcccb13
f4f7936ded15daf1b9bc8331e913e7d44d3b0da8
33774a02b8eb284b011ccbcd96e46f10132d50e26ec87491cbb1250dcd1140b2

HTTP Headers

GET /sweeps/ww/giftcard2/notify_2x.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 1157
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-485"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kMf8DIVUHnEJuXV8yiZU7WcyOfk625wPcFdng4nuV%2BRga3pLjtvTV1qLEUrxXF8O1hbEQNEPKruIVpdVkYP%2FQDNDtf8%2FNcT%2BWlBo1R%2Fdkk5FUqq54rvOT7T1yCXfzgtFcPQOgI0WSXOhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a093cb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css

188.114.96.1

200 OK

4.5 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4468 bytes)
Hash
0ecd5d48f6823acadc162ac5af1aa880
76e8c20278a53f2187775d2e864697ce9b82118c
c98082c6a3243ed06b4230e5be5418baa22f5a479b7b5a8a5ecf977435dc3b97

HTTP Headers

GET /sweeps/ww/giftcard2/jumostyle.css HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-444b"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLxMzhozTWuLc04rSS9%2Fwk5MJNmu7nFjEBhQgX%2BdricR%2F07feaKSpQoi9V2BkPs0xJzZ2PPZ%2FXarv9SoLWjlX40RnTmhcd7jP8bYJ12nx10gRAE0Rlbtd1MUqKLMa3tIGTKIQL%2Bsg3kfKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64993886b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/fonts.css

188.114.96.1

200 OK

20 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/fonts.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
20 kB (20399 bytes)
Hash
0436e9f3db22a0620d049d0c2fe0f9b1
3e9e7f59d44a184520df453dcf2c7679f33cf3af
b5ef58f0d83d326d052c9ac22f8ee407c25dfdf88b57a2a462de7baa9c9fbeb4

HTTP Headers

GET /sweeps/ww/giftcard2/fonts.css HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: W/"612a1700-11e"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE%2FWVPYRYBDs%2Fl8pBZOWVNyJgPeBxTMeoZNzOk05gt8IOJED3NHgM%2Fs9skkCYFFiwqxDr2yYJZcKYzyGRtdSwiNfk6XUePM4IaVYkzcyzXwXjSgeg7BqCrPSb7foMjIL3GXToX2IDwAH5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a64993885b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/SegoeUI.woff

188.114.96.1

200 OK

246 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/SegoeUI.woff
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 245844, version 5.5\012- data
Size
246 kB (245844 bytes)
Hash
ee10411f11ca61338f5bcaebefbdf700
4c720d1b7f057aa38a9ac184bc209990778dc651
88c5bf1d6f30b660f9764bd76aa70cdefcb11207fdc77d0d0285d95a0bc135ac

HTTP Headers

GET /sweeps/ww/giftcard2/SegoeUI.woff HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: font/woff
content-length: 245844
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3c054"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuQV3450IYl8A55Ku41gn6EArhWN87GVylDkAu55gwDzXb0TfLcnQtTh9lJg0UVKLpFw9%2FY1wWcRwNra5nAUSrc5UpQCeFpf19BWKeryqbT1ijIWG19bMLe8qOIyfjvmPVuUZp9y9dBhdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a294ab4fa-OSL
X-Firefox-Spdy: h2

rs.y1h1.com/common.js

172.67.75.44

200 OK

7.5 kB

URL HTTP/2
rs.y1h1.com/common.js
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type
C source, ASCII text, with very long lines (17150), with no line terminators
Size
7.5 kB (7518 bytes)
Hash
78b457b2f1af856085731f901d448f4d
d9566c75db0d0cfdf40a9bb24987152f6d619a1c
6b02988eb8a5fbf7bf9f0d548f33b96e6756cfd33de9dd3db1698c62e1fbe4e2

HTTP Headers

GET /common.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6214ae9e-42fe"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Tue, 22 Feb 2022 09:36:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VbbeHObiTLDfS5RVIXHxpNkHVQQOq1tEwi4Q23mMHN3k%2FpvNn%2B3V5ADEjeb060XnKGSYBUnl69V4rl7Y5DpNBH80vSdaQckUCB1%2FdJUefvAZbpkdLwnosF%2FCGViSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da7b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png

188.114.96.1

200 OK

218 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1012 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size
218 kB (217588 bytes)
Hash
569f0618faf737c699990a7b93e5f5b0
61648e75b7583f5c77a6856d70b0abd1913b830d
2d35027ed66ca224dd911778b3862002ca70e3c5282fbc4dde91136701c71922

HTTP Headers

GET /sweeps/ww/giftcard2/whatsapp-official-logo-png-download.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 217588
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-351f4"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK2MvafL01fjMPQlNSnxuootObYBTWW%2Bt4BWDprhkvmbqsD5k%2BF33N1fuSwyMgZ7UOa1JofQMGtjJy0xcIEQT16lW%2FQ%2F8q9KsGZogfX9kmvICFh%2BKCfHWk06izUdghrcDjxb%2BFox3Xz6hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a6499488fb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/main-bg.png

188.114.96.1

200 OK

699 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/main-bg.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 760 x 1396, 8-bit/color RGBA, non-interlaced\012- data
Size
699 kB (698653 bytes)
Hash
adbccee0708ae3b7a71d9652fb353299
1eb43728f22ca4adfacab76009e48bcb428e2182
077376ddc9c604e63cb3b7552b415042ea1c9f408ddbe3a571f419bb83cd72bd

HTTP Headers

GET /sweeps/ww/giftcard2/main-bg.png HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift8778.giftforyou.top/sweeps/ww/giftcard2/jumostyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: image/png
content-length: 698653
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-aa91d"
expires: Wed, 04 Jan 2023 05:30:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98agrmKO1%2FySZUMzSRDHjfaL%2BOmR3nDnhRb9Ipwbs6nvvVYauyK%2FircBCJj0eYb90SYHA4XdOG6rFEBXelbqMn8B3pGfq%2B30a8UN3WDAfuDTG%2BqObOfGtTbXk%2F8uA8eaTquKxPCF9tO1CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649a093eb4fa-OSL
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js

188.114.96.1

200 OK

32 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/jquery.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32065), with CRLF line terminators
Size
32 kB (31608 bytes)
Hash
5d49b02ee3a3fc78f171e2bcbf1d8cf6
7d9b5e5c0ba76714f9fbcd82746b4880676349f7
96917eac1fa334b1440a16c2e5dae9fd83e63b701e099e1848aec5e90d39fe3f

HTTP Headers

GET /sweeps/ww/giftcard2/jquery.min.js HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-14e4e"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pqv8tq1vZgbH0w6hX4y%2B%2B7WtnWUb7Gq2Wjxibg4Ge1ork%2FPmASWTE1YykpZR8R5Uz6ZcAyRB%2B%2BeURNcd2vbrQ7ph25pDuG5PlRDRG%2FkzLoz4bdegYDpIhhsCsLgFXtJbmJ5%2FUN%2BkdOUNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a2948b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
67eaf80416802078cf20f6f8328ca0bb
d9cbffdc1972eec762e18fb620e4efe5169be163
12c2cddb038dc58e56c84a521b6f17b66ec54427a738fb8a46a4d95ceec9abbd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:59 GMT
Last-Modified: Mon, 05 Dec 2022 05:30:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

rs.y1h1.com/load.js

172.67.75.44

200 OK

80 kB

URL HTTP/2
rs.y1h1.com/load.js
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7056), with no line terminators
Size
80 kB (79583 bytes)
Hash
da0408753b0e7b9e2528dcb1c033f7d2
10bec373bc234d3fb229199ea3fea2112f4f550c
9d458f6dd8ddfa4b9f5ad0dd283ca62ad79c00f83a8ef907b9a62f77d32d9932

HTTP Headers

GET /load.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6311dce6-1b90"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Fri, 02 Sep 2022 10:37:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNa6EBWQ4g%2Byy%2FT1egxozX6fMI3g1INmSwzwXhhqbMn19gvcaTZpbagN2kNZ%2FHzkGyBBYGBRSHtFaqBA4EtfbeLmd98lYhO204KhaGOa210qvCGlAJ9gk4tkUu5MYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da6b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

t.y1h1.com/update?eventSub3=view&event3=1

172.67.75.44

200 OK

2 B

URL HTTP/2
t.y1h1.com/update?eventSub3=view&event3=1
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

GET /update?eventSub3=view&event3=1 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift8778.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/plain;charset=UTF-8
content-length: 2
access-control-allow-origin: https://gift8778.giftforyou.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BxYBq2LCHXschNrd6KcTJbBqlHymuCaQXgCyaKcJo9LNPPYtZWVdDR2VUP8l2svBZhEiXAboqdUrH1ELBaaRdXyGQikNZAUPDhBl03aJmQONycDshe7mTyVEPHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649c7ea1b527-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3906
Expires: Mon, 05 Dec 2022 06:36:06 GMT
Date: Mon, 05 Dec 2022 05:31:00 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3906
Expires: Mon, 05 Dec 2022 06:36:06 GMT
Date: Mon, 05 Dec 2022 05:31:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3906
Expires: Mon, 05 Dec 2022 06:36:06 GMT
Date: Mon, 05 Dec 2022 05:31:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 27765
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6430 bytes)
Hash
3c36448c65274ebbe1eb21e3bf02385e
e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28
6f17788a394f1305755805a1b92117b1c1a03a1e3a075cb97a0da5184d574553

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kYXmy10msfeWdDYgvq0PXyGpy9UJyQkSLAhR_Q5PQMllJPXOOTnalw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:53 GMT
age: 27907
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 27765
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9825 bytes)
Hash
37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 27237
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11253 bytes)
Hash
557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 27237
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/newmain.js

188.114.96.1

200 OK

20 kB

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/newmain.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
20 kB (19559 bytes)
Hash
864025d09a29af1423a402df4adf1b5e
7fd8c0bd34073417279562c1477795d83accd8bc
b11487df90f59a73020ea1e2825bb311d2c23dbf1fd4107d3b3fc4ec9620ae6b

HTTP Headers

GET /sweeps/ww/giftcard2/newmain.js HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
last-modified: Mon, 18 Oct 2021 21:08:10 GMT
vary: Accept-Encoding
etag: W/"616de23a-110b"
expires: Mon, 05 Dec 2022 17:30:59 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWppqoxVt2DKpH8XoiRahzT76DSCMR7lJrDqosZpS5ujPeVyWhKLKlEGtIkr0uX6sxS7TKMt9buxV7UGIjcjdAH35KfY9xM6uKvebOFaAV6TooDWKhJ4sYSqRTK%2BpjJx%2FNA%2FNv%2FNM5RHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a2947b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.35

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift8778.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 555663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.138

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 05:17:04 GMT
expires: Mon, 05 Dec 2022 06:17:04 GMT
cache-control: public, max-age=3600
age: 836
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main

142.250.74.138

200 OK

75 kB

URL HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1613)
Size
75 kB (75035 bytes)
Hash
110765e1accf41111543c29721c78b52
3eeceb853d592a297162325f20f0420e136c875a
b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 00:23:32 GMT
expires: Thu, 30 Nov 2023 00:23:32 GMT
cache-control: public, max-age=31536000
age: 450448
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 286977
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 305417
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=2oebu0&_p=2040259985&cid=48527680.1670218257&ul=en-us&sr=1280x1024&_s=1&sid=1670218257&sct=1&seg=0&dl=https%3A%2F%2Fgift8778.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1670218258-LyLIHy%26utm_medium%3D1962%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16587014215188d458%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=2oebu0&_p=2040259985&cid=48527680.1670218257&ul=en-us&sr=1280x1024&_s=1&sid=1670218257&sct=1&seg=0&dl=https%3A%2F%2Fgift8778.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1670218258-LyLIHy%26utm_medium%3D1962%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16587014215188d458%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-37GE99Q100&gtm=2oebu0&_p=2040259985&cid=48527680.1670218257&ul=en-us&sr=1280x1024&_s=1&sid=1670218257&sct=1&seg=0&dl=https%3A%2F%2Fgift8778.giftforyou.top%2Fsweeps%2Fww%2Fgiftcard2%2Findex_en-us.php%3Fvid%3D1670218258-LyLIHy%26utm_medium%3D1962%26utm_source%3DRedirect%26utm_campaign%3D0_AutoSmartlink_Auto%26utm_content%3DSmartlink_RandomPub%26isp%3DBlix%2BGroup%2BAS%26city%3DOslo%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16587014215188d458%26ck%3D2&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: null
date: Mon, 05 Dec 2022 05:31:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rs.y1h1.com/checkbot.js

172.67.75.44

200 OK

0 B

URL HTTP/2
rs.y1h1.com/checkbot.js
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /checkbot.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6222c2ff-1fef"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Sat, 05 Mar 2022 01:55:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4PUF%2FhS9vh7n86A9btDwUvn54inZc6oNVUyc2tTF9neeMDJ%2FeuL5m4iOHfiLX9ee8ZAEOl2pTQv4klh3MxLiL5GeH6Vo7%2F8%2BIEmWzlk8fHLADB73USt9rp5k5iK9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da3b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

rs.y1h1.com/trans.css

172.67.75.44

200 OK

0 B

URL HTTP/2
rs.y1h1.com/trans.css
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /trans.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/css
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=417
etag: W/"60837b07-1a1"
expires: Mon, 05 Dec 2022 08:23:48 GMT
last-modified: Sat, 24 Apr 2021 01:57:27 GMT
cf-cache-status: HIT
age: 32831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dVABF5hvwKQxdhvjWoiSLAZQGKv6EtZb64P4Whe3VmFvY%2FzYmXaeyhcinLr%2B56X4o1i2ipzCih6wOc%2Fd1zCSHaw4A2OyirDDgEvnSZjZG%2FIfJ6bgNFvbTuRfcEBBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649bce89b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

t.y1h1.com/recaptcha/verify?token=03AEkXODCnYp7Btha77ZWe0lbLQWT9HTpAkMF7gobEQeTplEu6n9dfCOqMjIup0SNu1gvE-8CE9ZFKtmUYds-qxd1wB7d7pnTVu-IjNyygzmbygOB4FgVyRKwga8lqe5JFj4l_hFIOgOv76GzdtE2WcgPUazqhh3_KtKvSMJnqc1JQUl7zFFlCca_BurPpC9oPd0IDpO4rEIlufgUjPR7_tCNurFobocu85uK_fLFxK6AF6xCKmBIpgGJnvkP82aiVDsBAXBlajnyqfn84Vig0D3UatWDNll9Qgse78cNasvQ0Byk-XUUcM6Umm4yg3WkO6idcmO4NRoNEhpSz9B7pQ7MgagvG2t_kjq_asPV6rHYl8gE2BW66WBPV47AnxaMehM_hvrh71exn3F46l0VWy7cef8yMoRINXxxIiIXifJkHK7GwPKpq119W90t_LGc0V9Jruw3J079NWejQ-vPp_7ElF44qbXb38TIGN2kKE4oRuC07duebNjzYAfTslbHBMU2EoUkX8OYS&vid=1670218258-LyLIHy&eventSubField=eventSub9&eventField=event9&botScore=0.5

172.67.75.44

200 OK

0 B

URL HTTP/2
t.y1h1.com/recaptcha/verify?token=03AEkXODCnYp7Btha77ZWe0lbLQWT9HTpAkMF7gobEQeTplEu6n9dfCOqMjIup0SNu1gvE-8CE9ZFKtmUYds-qxd1wB7d7pnTVu-IjNyygzmbygOB4FgVyRKwga8lqe5JFj4l_hFIOgOv76GzdtE2WcgPUazqhh3_KtKvSMJnqc1JQUl7zFFlCca_BurPpC9oPd0IDpO4rEIlufgUjPR7_tCNurFobocu85uK_fLFxK6AF6xCKmBIpgGJnvkP82aiVDsBAXBlajnyqfn84Vig0D3UatWDNll9Qgse78cNasvQ0Byk-XUUcM6Umm4yg3WkO6idcmO4NRoNEhpSz9B7pQ7MgagvG2t_kjq_asPV6rHYl8gE2BW66WBPV47AnxaMehM_hvrh71exn3F46l0VWy7cef8yMoRINXxxIiIXifJkHK7GwPKpq119W90t_LGc0V9Jruw3J079NWejQ-vPp_7ElF44qbXb38TIGN2kKE4oRuC07duebNjzYAfTslbHBMU2EoUkX8OYS&vid=1670218258-LyLIHy&eventSubField=eventSub9&eventField=event9&botScore=0.5
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /recaptcha/verify?token=03AEkXODCnYp7Btha77ZWe0lbLQWT9HTpAkMF7gobEQeTplEu6n9dfCOqMjIup0SNu1gvE-8CE9ZFKtmUYds-qxd1wB7d7pnTVu-IjNyygzmbygOB4FgVyRKwga8lqe5JFj4l_hFIOgOv76GzdtE2WcgPUazqhh3_KtKvSMJnqc1JQUl7zFFlCca_BurPpC9oPd0IDpO4rEIlufgUjPR7_tCNurFobocu85uK_fLFxK6AF6xCKmBIpgGJnvkP82aiVDsBAXBlajnyqfn84Vig0D3UatWDNll9Qgse78cNasvQ0Byk-XUUcM6Umm4yg3WkO6idcmO4NRoNEhpSz9B7pQ7MgagvG2t_kjq_asPV6rHYl8gE2BW66WBPV47AnxaMehM_hvrh71exn3F46l0VWy7cef8yMoRINXxxIiIXifJkHK7GwPKpq119W90t_LGc0V9Jruw3J079NWejQ-vPp_7ElF44qbXb38TIGN2kKE4oRuC07duebNjzYAfTslbHBMU2EoUkX8OYS&vid=1670218258-LyLIHy&eventSubField=eventSub9&eventField=event9&botScore=0.5 HTTP/1.1
Host: t.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift8778.giftforyou.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:31:00 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://gift8778.giftforyou.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTi0LiRqQLYBKhcYJIJ%2FZGOnXhzNW7dK3otTkPYMns9p3QlQcUT93fb%2BsSutTMXiVt1u26dsoSklqf9FxGIKeK%2BEMF9nYvevPhCWkFo%2FRJ3skHrVz7hB91iWAbLz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64a1fa4cb527-OSL
content-encoding: br
X-Firefox-Spdy: h2

gift8778.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.96.1

200 OK

0 B

URL HTTP/2
gift8778.giftforyou.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjRfyf6p4YYUlhBnXIUBXPEYc2bRwUuykGumUhjEOJWXtEJbi8J6rNTwVKMj%2Fb62meFAKTFqafrWwxTeCVvp14TsIWoQFoRYhQpbCYI4KhKxABmvKQbUHEoSziyX3K2Y7omEul3wElZUEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a649958abb4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 07 Dec 2022 05:30:59 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

rs.y1h1.com/push.js

172.67.75.44

200 OK

0 B

URL HTTP/2
rs.y1h1.com/push.js
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /push.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"61d4671f-2950"
expires: Mon, 05 Dec 2022 06:52:49 GMT
last-modified: Tue, 04 Jan 2022 15:26:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 38290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yRi62sj508qcNFLS%2BLUX4oHjRhwn5jxPcHS25QTuuy3L%2BUQFtERQUaxxBER4aT8JkbW73ebGc0rFvpJYgzy%2F3pqqpoX8inOOlhzgRvV9Ilpf0KrYLCViYVHsDnOxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649bbe83b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

rs.y1h1.com/copy.js

172.67.75.44

200 OK

0 B

URL HTTP/2
rs.y1h1.com/copy.js
IP
172.67.75.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /copy.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: application/javascript
cache-control: max-age=43200
cf-bgj: minify
etag: W/"6308a3c6-ea8"
expires: Mon, 05 Dec 2022 17:28:35 GMT
last-modified: Fri, 26 Aug 2022 10:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdidTJwRKc%2FEO0l9ELmc%2Bzp9xYfWx03GM%2FhWdpMV0Etydqtwe2iKB%2BtHc2CeevwMx80C4YacJszc4StgChGInKP%2Fz4EYcyNepnWl8QRMYSBzZ3UvRdkEjwrRV9lA5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a649a1da2b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2

188.114.96.1

200 OK

0 B

URL HTTP/2
gift8778.giftforyou.top/sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweeps/ww/giftcard2/index_en-us.php?vid=1670218258-LyLIHy&utm_medium=1962&utm_source=Redirect&utm_campaign=0_AutoSmartlink_Auto&utm_content=Smartlink_RandomPub&isp=Blix+Group+AS&city=Oslo&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16587014215188d458&ck=2 HTTP/1.1
Host: gift8778.giftforyou.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 05:30:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5pxztAxMbWjGr8P1NiIq3ZH9gAVk%2BWyfmCKqnhTxdk%2BytUD44Eg3jeRAdE8Er%2BtDz6zszNx1W%2B8yFMTdNF5pgBOQTmEG9Ablc8WKI7m2mz3amIEab0859y1Qf3FIPJnIznDd%2F9yqgm6pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a64983fd6b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations