| fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385 | 18.156.16.63 | 302 | 0 B |
Protocol: HTTP/1.1 | URL: fastweblink.com/418d1a5a-5e99-40c4-8789-07b01f610385 | IP: 18.156.16.63:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /418d1a5a-5e99-40c4-8789-07b01f610385 HTTP/1.1
Host: fastweblink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Thu, 23 Mar 2023 20:54:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Pragma: no-cache
Set-Cookie: 418d1a5a-5e99-40c4-8789-07b01f610385-v4=PNBaoS_YnhiBdgAhP6hqf8ru1BZxNTGHpLBr4cwPj3M; Max-Age=86400; Expires=Fri, 24-Mar-2023 20:54:29 GMT; Domain=fastweblink.com; Path=/; HttpOnly
cep-v4=qOIY3YiZdkw-J6mCRY-EWQLPil84_gqk61m3mtisU88amsyTiCsGPlfv88iFc7IJagwW6s0I8lSR9rMBUAnsRn9RtbejnoXOFpOlHBbSnxvYHyvMSdvB95KJP-2n9fXocYNyamyYnaGFjVr3-g9xAi9ht2rVd1PQkV1t7Jwt1CRvPmoJ72sSR-FDjwH4YCzmPFw7Yr42PafdZU5QvAROt08kQ5rt17bMOEs96QpIeGeembm83COcn_T19N_0gBekOXWSrMdUVTBJR8EcSRjw0m0qOyXluLoIvttrdsQk9lPg0zUR1DyCkffkHA0tUhEz5FI_R1gbB0aQqU5CwURa3zjpIzojlUveWbLSU1q649M; Max-Age=86400; Expires=Fri, 24-Mar-2023 20:54:29 GMT; Domain=fastweblink.com; Path=/; HttpOnly
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Fri, 24 Mar 2023 02:01:07 GMT
Date: Thu, 23 Mar 2023 20:54:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 65fc860bc043f3fb83bdc3debdcd322d 418010755deae099ef1284e402813c5837a10f42 d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Fri, 24 Mar 2023 00:59:54 GMT
Date: Thu, 23 Mar 2023 20:54:29 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
Protocol: HTTP/2 | URL: firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 20:15:07 GMT
content-type: application/json
age: 2362
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: dc2752d83fbed82852248898a132467a b27a6b4af2e07663a58cafb641513f7224c7a7c3 ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20664
Expires: Fri, 24 Mar 2023 02:38:53 GMT
Date: Thu, 23 Mar 2023 20:54:29 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
Protocol: HTTP/2 | URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h8bl3L33pgC0g4lTfo7a9cFoIBNzKteBfqv9XrRMRGpFjE73yxXaS8Fy4xsGX2fibLBMjbOIIzY=
x-amz-request-id: DN9HXHJ68TVFHXNZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 20:00:05 GMT
age: 3264
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
Protocol: HTTP/2 | URL: contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:54:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
Protocol: HTTP/1.1 | URL: ocsp.r2m02.amazontrust.com/ | IP: 54.230.80.227:0
Hash: 36aca5e9cec523ef91439186e26bb420 0c849baae95c1f97f85fb868043803ce6e1705c6 97d670581b56a4a96b2ae63a882e27b77d59f03006d3c818e3797b8d344d8c22
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126393
Date: Thu, 23 Mar 2023 20:54:29 GMT
Etag: "641c073e-1d7"
Expires: Sat, 25 Mar 2023 08:01:02 GMT
Last-Modified: Thu, 23 Mar 2023 08:01:02 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: htWl6Y4VmyNuet7AVWhv-po1rpnZ8UOs9JPmhiNjB7I2-lKl3QNM7w==
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg | 54.230.111.121 | 200 OK | 32 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg | IP: 54.230.111.121:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Hash: d4655cba21d806e849eed4e4119fbe1a 6453039d85005643e9d65074ca022f63b5d47cdd 90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 32496
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:03 GMT
etag: "d4655cba21d806e849eed4e4119fbe1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wqirulko0242uQeZoiq-Mz9LdhTD8RGJkm8y19ihaaVlho-QrSIo7A==
age: 73106
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/prizes/iphone-12-pro-max/default@0.5x.png | 54.230.111.121 | 200 OK | 20 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/prizes/iphone-12-pro-max/default@0.5x.png | IP: 54.230.111.121:0
File type: PNG image data, 250 x 179, 8-bit colormap, non-interlaced\012- data
Hash: 21c566d339878bab58101cee37adbce8 741159c0dd360a904ffcb63057e165d57e8fedd4 18f266f89565ca902fbf9c6dca8abff01cf0e29e1eafbcf6e93a832126d1b3b2
GET /1/prizewheel/cash/trcash/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20297
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:01 GMT
etag: "21c566d339878bab58101cee37adbce8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gw7Aq6v6bzYOC0HIF0miJZEfDQ5P1yUPDVGyWnXpfY4t6KkNjuJ_Zg==
age: 73110
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9 | 54.230.111.121 | 200 OK | 33 B |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9 | IP: 54.230.111.121:0
File type: ASCII text, with no line terminators
Hash: c588c17324f2be0e0ec90a18f39e7d7c 69d360eddd15f527aac7f7e610346517732b7770 b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /1/prizewheel/cash/trcash/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 33
date: Thu, 23 Mar 2023 06:54:12 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "c588c17324f2be0e0ec90a18f39e7d7c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 47PNq9tga3EEpgotVVi52cp7yHAyuXwdbvV6sVxl80U3lEE5JJcxuw==
age: 50419
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179 | 54.230.111.121 | 200 OK | 977 B |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179 | IP: 54.230.111.121:0
File type: ASCII text, with very long lines (977), with no line terminators
Hash: 15b1bae461854d516179a34a8c9b5f08 330c1d191253fe07c5fe6b5af37872408f2e5904 1bd25e467ea078265aee433e0cf9732a7e127514304634590a2de17fb2330896
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /1/prizewheel/cash/trcash/js/app.js?id=15b1bae461854d516179 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 977
date: Thu, 23 Mar 2023 06:54:12 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "15b1bae461854d516179a34a8c9b5f08"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kVmuriRPHbpRZEB86dkyjxvomOu1VwicQx7a1j0Hrc87CcSZsZtO8g==
age: 50418
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/notification.png | 54.230.111.121 | 200 OK | 449 B |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/notification.png | IP: 54.230.111.121:0
File type: PNG image data, 30 x 28, 8-bit colormap, non-interlaced\012- data
Hash: bd5203f2cc9e7a9125e4575e029541b0 9fa565ab2f4b55da4735b79e529562252b3c9afe db94c8ae725f947f20e12df29e6b6c8ade5ffcd5a7dc9ffd9be0351d963f826f
GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/notification.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 449
date: Thu, 23 Mar 2023 10:30:59 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "bd5203f2cc9e7a9125e4575e029541b0"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tvWFcZq-kFQOqe7hkH99ssQs3Bp2D6ngqbz3U3Y5Nw57SHXpnElLTw==
age: 37412
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/loader.gif | 54.230.111.121 | 200 OK | 5.1 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/loader.gif | IP: 54.230.111.121:0
File type: GIF image data, version 89a, 50 x 50\012- data
Hash: ed786659a534e0d183c09a90c50abc9d a6c3d90bfaa86a7cda490bc5d04c8939c31a414e cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 5083
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 20:54:30 GMT
etag: "ed786659a534e0d183c09a90c50abc9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wG7B11_5ShhhPXCEZzfagGocy9G_rXkflANvtPo_C1JHiICM0S5yZA==
age: 23941
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
Protocol: HTTP/2 | URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 20:14:33 GMT
age: 2397
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 3d6e46c78046ed77c7cef9584d4fbbf2 af4b692d705633e4c5c0e03de36f778f6b4d9710 004eecd5ee4f2786adaaa51ca0358873a05b0407d26219dfd7ddc6250542a6d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "004EECD5EE4F2786ADAAA51CA0358873A05B0407D26219DFD7DDC6250542A6D8"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20610
Expires: Fri, 24 Mar 2023 02:38:00 GMT
Date: Thu, 23 Mar 2023 20:54:30 GMT
Connection: keep-alive
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_static.png | 54.230.111.121 | 200 OK | 3.4 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_static.png | IP: 54.230.111.121:0
File type: PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Hash: dc484e0043b5ff6191b1880c8779863c a5b67e3dff3dea3940eed090431aecbb36611b1d 30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
GET /1/prizewheel/cash/trcash/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3370
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "dc484e0043b5ff6191b1880c8779863c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r2VScM7DhARDUxwclUMxTh2uUstnD_Tx6KheH6BEPL4Galu1-sFI9A==
age: 73107
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/3@0.25x.jpg | 54.230.111.121 | 200 OK | 2.5 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/3@0.25x.jpg | IP: 54.230.111.121:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: e69e56799051d24a67414a67301ac984 7d7db0281213342c25abf9e08937e38c7d1e8449 cff50b269e3afdcf620ba9a8f6d3ac55b03a953136f3148d1b3296798bf57210
GET /1/prizewheel/cash/trcash/img/profiles/mena/female/3@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2506
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "e69e56799051d24a67414a67301ac984"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xv1qwSDUa4CuDwI3XkXbpQ2uh64auNkpXKrnxEBHwSPcsOXc15vSiA==
age: 73107
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/10@0.25x.jpg | 54.230.111.121 | 200 OK | 3.2 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/10@0.25x.jpg | IP: 54.230.111.121:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: f8002e02aac0ac1bb22d2c80f36ebf15 bf277a8747caf561b91a25860e772cf0f1a834a5 0e98e32d27f59276dc137de153e32c28220a635701413565a4646dc8361fd94c
GET /1/prizewheel/cash/trcash/img/profiles/mena/male/10@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3175
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "f8002e02aac0ac1bb22d2c80f36ebf15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y7p-kVoh7x75SxGWXGc27DrIsnq442GTepoQaUrl1m4934pynyW0Og==
age: 73107
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/1@0.25x.jpg | 54.230.111.121 | 200 OK | 2.9 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/1@0.25x.jpg | IP: 54.230.111.121:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: 4ccf612375cb7df45e271ecd2983281e db4bc5414c30c39531e38c9a3f34b087cd68b4b6 75f237c0722d2dd3ef7d7e4bad43a70ac57bad90c81b9cb8b9c9b445c0a76a1b
GET /1/prizewheel/cash/trcash/img/profiles/mena/female/1@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2853
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 00:36:04 GMT
etag: "4ccf612375cb7df45e271ecd2983281e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E_ej0aQI2o5Q1yFRK5fE-AYtILn_nVnZMoTi2iyMNezO1ULgTAk3AA==
age: 73107
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/6@0.25x.jpg | 54.230.111.121 | 200 OK | 3.0 kB |
Protocol: HTTP/2 | URL: giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/6@0.25x.jpg | IP: 54.230.111.121:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash: 5f6bc62e6e66a94b4ce9b971a798ceff 05faaed9dbd1a5462485d4deeed888312a3b4973 cfa55f5831710c40e2429ec2528b080fb2e6b11b560abfa8eaa1710b63770af3
GET /1/prizewheel/cash/trcash/img/profiles/mena/female/6@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2950
date: Thu, 23 Mar 2023 06:54:13 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "5f6bc62e6e66a94b4ce9b971a798ceff"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QSRSY8U65SYslsmBI6Y4qn7tSRRRZNGpOosI1iOit4IeHNkwfsa-9g==
age: 50418
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/9@0.25x.jpg | 54.230.111.121 | 200 OK | 2.2 kB |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/9@0.25x.jpg IP 54.230.111.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 444a95e7661a07d48ae8a2b7d67792be e31aa744a72a17d6a3e04cd0e6f9a9fc59a47b59 d815f00761793a93ef88b73ea6451d9300a052ce64f454d30f9446af3bd9ccda
GET /1/prizewheel/cash/trcash/img/profiles/mena/male/9@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2224
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 20:54:30 GMT
etag: "444a95e7661a07d48ae8a2b7d67792be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a6-KW3d4CfKy9hUePyQHopwJg7N81u6IeO6ikuXJUo2V_X0pW0utAQ==
age: 23941
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 | 54.230.111.121 | 200 OK | 46 kB |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 IP 54.230.111.121:0
File type ASCII text, with very long lines (3495), with no line terminators
Hash 774d58bf95e2d39f1a3491d63ba9ae96 a8feb2e19bacc2f1bdd2b6b64f810f0054875c7a 79a0b3cbd20f937353d4b50db7622ab6877c1030523b27e7f1ffd003d7b31150
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /1/prizewheel/cash/trcash/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 23 Mar 2023 15:32:36 GMT
etag: W/"cd41123a11e97e0f2444b57d180631a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b7ly1Yg4I5CBUMGCNeH9VxDY3fxTRusTDXUG2RW60lHIo6ZUZdfXzg==
age: 19315
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/5@0.25x.jpg | 54.230.111.121 | 200 OK | 2.8 kB |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/female/5@0.25x.jpg IP 54.230.111.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 6063e3355d6e928b55810c359ee1d382 a6a19cb61b8a8f9ed538a6467a7a41ed85fc01ad 9db1c16bd8c27942b3d83cff9d81462ced2b7827ab45fe53ff3fcec32ed138d9
GET /1/prizewheel/cash/trcash/img/profiles/mena/female/5@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2787
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Mar 2023 20:54:30 GMT
etag: "6063e3355d6e928b55810c359ee1d382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bldx-cde8JNaMiwckzOzAgwcrk4fEuRne8GHWXHxuvYL7MenrDQF8w==
age: 23941
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/2@0.25x.jpg | 54.230.111.121 | 200 OK | 2.3 kB |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/2@0.25x.jpg IP 54.230.111.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 07ee3d87dba4f97110c83432fcc8f3f6 80f21d2258991eaecca028683f58b16019bf9deb 50479fd6ff7c08b64aa01f0a415bba20d8ddd79a43becae604955e9086098cff
GET /1/prizewheel/cash/trcash/img/profiles/mena/male/2@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2258
date: Thu, 23 Mar 2023 06:54:13 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "07ee3d87dba4f97110c83432fcc8f3f6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TIGZ8RUhmFttbLG3-Sd9rDyghOmXn7sa-XPCEROAv7la5zk_Mp17dA==
age: 50418
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/3@0.25x.jpg | 54.230.111.121 | 200 OK | 3.3 kB |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/img/profiles/mena/male/3@0.25x.jpg IP 54.230.111.121:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 49f1b40f2ed2ef127cb64293ae8b1524 7939aacf51d0ba9b4358cb17ef40eb91fa31e27b c5e6dbfaac2e982618aa4ea88a1785ca965b57f3149551f194cdaae2d8406a53
GET /1/prizewheel/cash/trcash/img/profiles/mena/male/3@0.25x.jpg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3301
date: Thu, 23 Mar 2023 06:54:13 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: "49f1b40f2ed2ef127cb64293ae8b1524"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NJM6KeuEFVUFxx7RQfBT7WleiH-CmtygNOCUSHQ1oG9w2EN5044bwA==
age: 50418
X-Firefox-Spdy: h2
|
|
| desekansr.com/zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL HTTP/2 desekansr.com/zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5378963&is_mobile=false&domain=giftz4u.xyz&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://giftz4u.xyz
Connection: keep-alive
Referer: https://giftz4u.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:54:30 GMT
content-length: 0
x-trace-id: 5cd1e6c8ff8ab005c073620550b28e7b
access-control-allow-origin: https://giftz4u.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834 bec14dc5af0d0b32210470673511acd8db404308 b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8040
Expires: Thu, 23 Mar 2023 23:08:30 GMT
Date: Thu, 23 Mar 2023 20:54:30 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.148.238.104 | 101 Switching Protocols | 0 B |
URL HTTP/1.1 push.services.mozilla.com/ IP 54.148.238.104:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rNwkLBYirnxB+/TVwiaHHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9V6CTmpC1LvQm7XJF4pBRPHAgVs=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5010
Expires: Thu, 23 Mar 2023 22:18:02 GMT
Date: Thu, 23 Mar 2023 20:54:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5010
Expires: Thu, 23 Mar 2023 22:18:02 GMT
Date: Thu, 23 Mar 2023 20:54:32 GMT
Connection: keep-alive
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6 | 54.230.111.121 | 200 OK | 51 kB |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6 IP 54.230.111.121:0
File type ASCII text, with very long lines (65475)
Hash d4b60d6b11347068f86ba148f9ccaedb 50c3f74c22f7e07f3842bbe58ffddaa9b047d747 44dff7a1e7054a2bd8f66391e8892227b27024198d476e19ccc1883c94ab9f88
GET /1/prizewheel/cash/trcash/js/landers/prizewheel-fb/app.js?id=c3c399d8b44b50eee3e6 HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 23 Mar 2023 03:19:20 GMT
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
etag: W/"cdf97653c213f02233f50a1ec975633c"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4eC0PSqwAIAbJOf5klIBwlW-vgBq9TugRlV-PncRbpb3lM04_zzEUQ==
age: 63311
X-Firefox-Spdy: h2
|
|
| desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js | 139.45.197.250 | 200 OK | 20 kB |
URL HTTP/2 desekansr.com/pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js IP 139.45.197.250:0
Hash bfa3bd4f552b8b1000c040a67ba6b1c3 6631fc48ee90b9a7a4156f5a4c01c372f2afd837 b52c6b444002ff2a743867877dc6fee4dc858ce29132879637a476463f4b96c2
GET /pfe/current/micro.tag.min.js?z=5378963&sw=/sw-check-permissions-f40a4.js HTTP/1.1
Host: desekansr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 20:54:30 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 15:32:57 GMT
etag: W/"641336a9-a161"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74 156ef59e53564a4f2b27002b2695fafecd578d82 15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 83458
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2 a813976bda850a584b5ab94d9a70bfe0da69aca0 d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3EQiNxuVVZEQZb14f9NC8565Ky3LV0Oj5JWg-_fVc9-B91xgBuHB5Q==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:05 GMT
age: 83187
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df d07fe53e4ac41048497b2732c017f6666c3eda9e 4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 83459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4 5f7ea91288a2170bcabdca6be296718c4191eacd 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:09:40 GMT
age: 81892
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b 5035ed41f497c97faefae9cdaf42dc07ab468557 f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:32:23 GMT
age: 48129
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de | 54.230.111.121 | 200 OK | 0 B |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de IP 54.230.111.121:0
GET /1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 23 Mar 2023 13:16:56 GMT
etag: W/"8e75fdbf5442275699fa56274e800335"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7StXXWfrBlrHZhVTNBC2x4V9upAeXSDrTWgKcqOx9K4AutZaQ0YYmQ==
age: 27454
X-Firefox-Spdy: h2
|
|
| giftz4u.xyz/1/prizewheel/cash/trcash/img/fb-like.svg | 54.230.111.121 | 200 OK | 0 B |
URL HTTP/2 giftz4u.xyz/1/prizewheel/cash/trcash/img/fb-like.svg IP 54.230.111.121:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /1/prizewheel/cash/trcash/img/fb-like.svg HTTP/1.1
Host: giftz4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://giftz4u.xyz/1/prizewheel/cash/trcash/index.html?brand=Desktop&domain=fastweblink.com&cep=Ifbx-jfqWhJ1ZwqjXzCKHk-6nFravT_A5m1GCA_bFj-MJn4zkzCHqUGqa3BQDlDElx666uu_wnn8J3khLjTQE5Crg8rzh71ZDrR6yVt3BSiPv1rw0cVt_hTQGmD8JW9nUvr3XFln-jYLNhMX4qynZ9SQVsjQXT2x-Yib8u_XkXZuxCMbOJAotLmU-qNPKtNSCsC7ETZ8ove7ZJyvQUCv24xmgv2L3x4GxC1p2Dnz4tENzcBVRjKqmQ9JRmge8yi8E4QsAEn7viRvTP_lXRt83hfljyClHT3etvJj1OIVSvwIK4pWWwxzoxG4gtZzjMvQiwd5Ab9HtOtSiHAAzFo9fQt0TF6j2HrS8b78gS9KySE&lptoken=16c4791a608a669c69de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 14 Mar 2023 13:59:12 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Thu, 23 Mar 2023 05:09:53 GMT
etag: W/"765203989756e91925e8f947e660b644"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ke91R9ZU61ORU3id6AOAH0VfO4dyuZKxPHI9gZRYDt73RF8wZLkOSw==
age: 56678
X-Firefox-Spdy: h2
|
|