firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 20:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BB1WdJQ4q6vVYEJ9xD1p7Uf8AzMW0cWhTwDs9hdAZGkg5Vem-OaBwA==
Age: 3010
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18285
Expires: Fri, 23 Sep 2022 02:08:57 GMT
Date: Thu, 22 Sep 2022 21:04:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jhmD-wJcn8uB90cywPC4x4G-o-3-AIArInZuaSQ_UivB9OkqVUd-0Q==
age: 59338
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.25.14200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2512863
expires: Tue, 12 Sep 2023 21:04:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kj3DEf3JOnRlOPEqz6YIj4VPaSoBszc1BfffhSAzZWHGIQLs320OpZT8SBmmAJVKKZXNviSOlKMOeVo9cN8iOS%2FO5%2FTROUleHNQ%2FfxN2jHqdB3Cgae23kbWZDh4FQMBw3iox4Ulk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74edfddf68840b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6036295
expires: Tue, 12 Sep 2023 21:04:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hL1aObUm8KpnT1p8v2dBNvYKMvG1jpMFIQvfvEu%2FaQ6Hdky0WUtL9yBC8CwcS4OIWu%2FxchYiDnm7eJ3MUF%2B%2FIvR18JwUzmwN1M1P3vuA4oeKeKX7gtTVflW6Mhh%2BmbRH9DLCEdjp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74edfddf7f9ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65326)
Hash 77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:04:12 GMT
age: 15945605
x-served-by: cache-fra19178-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 151629f36761d6fb6d0e0330239884a6
ebb9c30e5565793e2767735f0647bdf26fed4ab5
53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 21:04:12 GMT
age: 13542117
x-served-by: cache-fra19179-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:12 GMT
Last-Modified: Thu, 22 Sep 2022 20:45:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 82a66584a54409de933659715ea7acf1
2904c9dd2c2fd80efd000a52df056e4987e406e6
51a9eb00b12985ad6439c2674e9a74f9de368d78bacb6ce9d7bdf7630ff1fb8d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 21:04:12 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E5F0677E65048107E28CA70799920144DA4D0126"
Expires: Fri, 23 Sep 2022 08:00:00 GMT
Last-Modified: Thu, 22 Sep 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 956
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74edfde008a10b55-OSL
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.138200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 10:39:21 GMT
expires: Fri, 22 Sep 2023 10:39:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 37491
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/4xXpy19R/facebook.png
162.19.88.68404 Not Found 2.7 kB URL HTTP/2 i.postimg.cc/4xXpy19R/facebook.png
IP 162.19.88.68:0
File type PNG image data, 320 x 320, 4-bit colormap, non-interlaced\012- data
Hash ff125c736fd0092c080f73bb486d9ceb
d790adffabc313b5d4b161ce4c696f4a0480f97a
4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420
GET /4xXpy19R/facebook.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/png
content-length: 2712
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.slim.min.js
69.16.175.42200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65245)
Hash 63f8c134408852106835db2f928cf0e0
7ca0035d2a05154f1f93e19793b2298973cc8733
2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 21:04:12 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663880652.dop208.sk1.t,1663880652.cds260.sk1.hn,1663880652.cds202.sk1.c
X-Firefox-Spdy: h2
www.youtube.com/s/player/64947e15/www-player.css
216.58.207.206200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/64947e15/www-player.css
IP 216.58.207.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e82302120581bfc2b2bf7671a35750f7
b27bddbc7416555378933e4ecc32bc2347523c60
7c45ed3daa3f0a578f09bca102a32bea35919104d567cf74f7761a3dd7d43ac9
GET /s/player/64947e15/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49662
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:49:24 GMT
expires: Thu, 21 Sep 2023 14:49:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/css
age: 108888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:12 GMT
Last-Modified: Thu, 22 Sep 2022 19:26:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
216.58.207.206200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (570)
Hash faf7cb6fdef7f573ad65139bd560afed
e01ff9c1ab3e3a94d92db4c8580b18558256c5ba
e0912caa0cba25c0e92c231d528c723f7bf7d7479c53a8505858c79284013e9e
GET /s/player/64947e15/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:49:24 GMT
expires: Thu, 21 Sep 2023 14:49:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/javascript
age: 108888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/d3c3FcM4/Valir.jpg
162.19.88.68200 OK 37 kB URL HTTP/2 i.postimg.cc/d3c3FcM4/Valir.jpg
IP 162.19.88.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 248x408, components 3\012- data
Hash f7275a5fcbe45309b28cf1b9478b9867
fe00691f885ade4086069856308494e89fcb71cf
107f7ccbb2991e724498a2344b6296b816432e29b27be5c3702090dd5e57de7b
GET /d3c3FcM4/Valir.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 36811
last-modified: Sun, 17 Oct 2021 20:01:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/s/player/64947e15/player_ias.vflset/en_US/base.js
216.58.207.206200 OK 590 kB URL HTTP/2 www.youtube.com/s/player/64947e15/player_ias.vflset/en_US/base.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (554)
Size 590 kB (589483 bytes)
Hash e8b450650260181eb9d9b791a3915914
749cd69f8b5d4f55811a5430956ec76b5a4fb4b8
e5b68a656b9ed80054c1921e9fff26cf5ddb0031ff507a722c9a88c6b0ca18b6
GET /s/player/64947e15/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 589483
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 14:49:24 GMT
expires: Thu, 21 Sep 2023 14:49:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
content-type: text/javascript
age: 108888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
162.19.88.68200 OK 86 kB URL HTTP/2 i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:51, GPS-Data, width=0], baseline, precision 8, 265x422, components 3\012- data
Hash a8fec8974135dfdfe138a98ed768dd6e
d33c83970e7d1925731fcc597038dc8da0875488
2c83907d79a687a1d8491370042cf5571834d4ce7f71430a2c79d2c889f0bc93
GET /0QVFd91M/IMG-20220524-181304.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 86172
last-modified: Tue, 24 May 2022 11:26:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de424c85b225196c5a35219b9e3ebd8e
85607bc7f8cd550eceab6a6c236b403ca91662f5
29fe2614f1d16a5e8c89f055ce08a45ea0d89e31f91b014e6cea52411a7902d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:12 GMT
Last-Modified: Thu, 22 Sep 2022 20:45:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
162.19.88.68200 OK 98 kB URL HTTP/2 i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Hash 51caaa55dd8525217118bead91291ff4
c95dde7b518e1f9037d8f39034dce2878d8c416d
af1fd5ff7bbb5b2c0de54966a5ab1363d3388769115967d04ca6de276a1b0ef4
GET /Z5BNzfCg/IMG-20220608-WA0006.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 97968
last-modified: Wed, 08 Jun 2022 06:20:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 21:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 21:11:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cahu6EPmIF33rujof3I4yEHMhC9X-j2iM-fsVQ-zM5l7UtNyu24FPg==
Age: 51
i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
162.19.88.68200 OK 84 kB URL HTTP/2 i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:37, GPS-Data, width=0], baseline, precision 8, 259x420, components 3\012- data
Hash 2c0b805aac8e851fa50c09d85b17b2e3
831f9ffecc963c91629ac2a9c9c2d693607b8575
981016fe4c87fadcc6272ff88a64ff983111930816aec5cb439f936c1d5287a8
GET /6Q28NpYw/IMG-20220524-181348.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 24 May 2022 11:24:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6p5mKm7h/1655721923429.jpg
162.19.88.68200 OK 127 kB URL HTTP/2 i.postimg.cc/6p5mKm7h/1655721923429.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 500x800, components 3\012- data
Size 127 kB (127065 bytes)
Hash 021b91e3be1eace2e2618433748bb88d
b8a1ace010d96c063148725ca2f849faa512a5f4
932a81f4a7e27849aa47403afdac2911b6446c102134150433933c970a6c9f51
GET /6p5mKm7h/1655721923429.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 127065
last-modified: Mon, 20 Jun 2022 10:50:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/C1BrTTZd/FanyFuni.jpg
162.19.88.68200 OK 107 kB URL HTTP/2 i.postimg.cc/C1BrTTZd/FanyFuni.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 490x800, components 3\012- data
Size 107 kB (107076 bytes)
Hash 428b2e29a1396c1a68c3399d2c3b71fb
7e3b11b337d2e45c0595508991235e1e577b7712
8546bccaa45ec39e96d8f8e62a54cc6c3eccf179bb6cb14ec8a477632e87e460
GET /C1BrTTZd/FanyFuni.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 107076
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/x1P6XcsQ/Zilong.jpg
162.19.88.68200 OK 112 kB URL HTTP/2 i.postimg.cc/x1P6XcsQ/Zilong.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 491x800, components 3\012- data
Size 112 kB (112475 bytes)
Hash bc54c820d676775bcd81234f7b751605
8d0ce0766608d6089244ebf577ae69246530a0ac
df66a08721326009f5f5be05e08d0056a38d128217ab1341ce33268451b3d1b5
GET /x1P6XcsQ/Zilong.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 112475
last-modified: Mon, 07 Feb 2022 22:49:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
162.19.88.68200 OK 76 kB URL HTTP/2 i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
IP 162.19.88.68:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:44, GPS-Data, width=0], baseline, precision 8, 260x422, components 3\012- data
Hash 89e965277b68daee285511ff5bfa4f85
a6d8025e96056cfc40f00d5b34dfc1fb34b90512
3d48acf1c00e69c6ff84a2b69e43fb741f22c7cc573dea1a2b35800899ff9976
GET /PJxGBPQQ/IMG-20220524-181326.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 75839
last-modified: Tue, 24 May 2022 11:25:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/MGr3FKph/Laylaaa.jpg
162.19.88.68200 OK 110 kB URL HTTP/2 i.postimg.cc/MGr3FKph/Laylaaa.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 486x800, components 3\012- data
Size 110 kB (110326 bytes)
Hash ea49da8a836f0d2ebdc520a5d77efdab
785da2684ae1286b29f3ff0d8587b42df2bec61e
411aed626e1a9d80fa36efcd6c827e2730f29885407a04c5de6bc68b062713fd
GET /MGr3FKph/Laylaaa.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 110326
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png
142.250.74.161200 OK 27 kB URL HTTP/2 2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash bd173da7555853de60b762b4f5fb66f8
435d86ff96ad5b7296ee6f8e701f3b7045a9bf9b
1213cd035b4e5038179937439f0573d9b6c748bd0e14d71dd690b8ba6bd97ec3
GET /-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="moonton.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 27247
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:55:13 GMT
expires: Thu, 22 Sep 2022 20:56:37 GMT
cache-control: public, max-age=86400, no-transform
age: 540
etag: "v61f"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
162.19.88.68200 OK 108 kB URL HTTP/2 i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Size 108 kB (108322 bytes)
Hash 3751a713af077c0a193ff6b7be6eb98f
6a88f1015175420f4812bc5f7bf64124087615e2
e80b2171f65b2fe668af4196f0afe5df85f8043b04d100c7ca1fe612b1f20ec6
GET /bJ8Sbp3c/IMG-20220608-WA0005.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 108322
last-modified: Wed, 08 Jun 2022 06:20:45 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
162.19.88.68200 OK 138 kB URL HTTP/2 i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 505x800, components 3\012- data
Size 138 kB (138084 bytes)
Hash d16c03d4212819b428da0006364ab721
b5513f255eef1da0453048c2602084f08db3ad00
f7073e83bb987c11e76cd66dddd603baca400711405fc259241c46eb63e2421c
GET /cCNwZbMj/Hanabiclll.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 138084
last-modified: Thu, 06 Jan 2022 17:42:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/K6gX71h/Capture.png
217.182.228.53200 OK 121 kB URL HTTP/2 i.ibb.co/K6gX71h/Capture.png
IP 217.182.228.53:0
File type PNG image data, 158 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (120801 bytes)
Hash c6fc9af2ad6cde27f714a725fdd222c5
be01795da5190dd9d883505b8dda2450848f53ff
0a3c7d66a0b3d5e13aaaa02daf7dbe332670e6f047e132f27336f729fd752ac8
GET /K6gX71h/Capture.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 120801
last-modified: Thu, 18 Mar 2021 18:21:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/vXyxPJt/b6.jpg
217.182.228.53404 Not Found 1.0 kB IP 217.182.228.53:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /vXyxPJt/b6.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
i.ibb.co/Pcmw7rP/b1.jpg
217.182.228.53404 Not Found 1.0 kB IP 217.182.228.53:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /Pcmw7rP/b1.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 316dd96c27cb1cae8a533df4714092b6
884cf94b1b24b145c72f60e7e36d7012a501f6f7
845cc35126bbeadcd22c6e8ad40d61981c776617f2a7e514dbc9110cf10b2d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/dm2jKFr/b5.jpg
217.182.228.53404 Not Found 1.0 kB IP 217.182.228.53:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /dm2jKFr/b5.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
i.ibb.co/sqfMLmk/b3.jpg
217.182.228.53404 Not Found 1.0 kB IP 217.182.228.53:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /sqfMLmk/b3.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BeZEcZDjRRtra2U/X1teWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MDhcnYkK519HdDI8WfxbHMTuJp8=
i.ibb.co/DV8nKdc/b4.jpg
217.182.228.53404 Not Found 1.0 kB IP 217.182.228.53:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /DV8nKdc/b4.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
i.ibb.co/G9gsVfz/b2.jpg
217.182.228.53404 Not Found 1.0 kB IP 217.182.228.53:0
File type PNG image data, 180 x 180, 4-bit colormap, non-interlaced\012- data
Hash 7325e2012a6cf941a6ea14f0061ff764
0d2ba63e280b979a98bc431bec8a7af985578769
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /G9gsVfz/b2.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04e998861edc810934a4ab40026fc884
e2926c1cd7ef6a5d51ca99ca1d1e977b42339fe8
749070b5881b0096519da1a718ce8b4f4b2655148edb82473e8ba36fed41d8e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "749070B5881B0096519DA1A718CE8B4F4B2655148EDB82473E8BA36FED41D8E3"
Last-Modified: Tue, 20 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19954
Expires: Fri, 23 Sep 2022 02:36:47 GMT
Date: Thu, 22 Sep 2022 21:04:13 GMT
Connection: keep-alive
freegiftmobilelegends22.work.gd/static/css/imryu.css
20.189.78.99200 OK 1.7 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/css/imryu.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text
Hash dc3d515c72435ed8e3e1b6841d5b85ed
07af65b168ab961f20d827a581fd22206c710017
9d8beb6506eb1be9587a864c3a529929d78a8c27f0b6e5499e579088b14f35d2
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/imryu.css HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:12 GMT
content-type: text/css
last-modified: Mon, 29 Aug 2022 17:36:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1651
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/css/animate.css
20.189.78.99404 Not Found 1.2 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/css/animate.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/animate.css HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/css/facebook.css
20.189.78.99200 OK 684 B URL HTTP/2 freegiftmobilelegends22.work.gd/static/css/facebook.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash d69c6616d384a39b47f704390b4e548b
5f479239a2177da457c42bab44e1cf9c3f08d3b4
8fffa35b9cc70924515bd6156e835e3bbcb620431da2f52ff8da09e8214bb9eb
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/facebook.css HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:12 GMT
content-type: text/css
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 684
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/css/twitter.css
20.189.78.99200 OK 480 B URL HTTP/2 freegiftmobilelegends22.work.gd/static/css/twitter.css
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 090d8755ece1611abe9a0e2ae2c5eba7
3b2a0e6e40f108f0f987e177b7251fa40a5c371e
a8552e3c3982a644600cf2e5b11873e6c20841e15a0ca2cdae3590257e61a0a1
Analyzer Verdict Alert openphish Mobile Legends
GET /static/css/twitter.css HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:12 GMT
content-type: text/css
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 480
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/js/imryu.js
20.189.78.99200 OK 365 B URL HTTP/2 freegiftmobilelegends22.work.gd/static/js/imryu.js
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 03044bd13597eb47b8283f60cfd6bdfb
6105f7e0d970f943931ba0f8645586a91ed75ae0
da7bb0419a0fbd1d9c79697475f3a29671a452e0c0c7f2beea1ad77d95a56aef
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/js/imryu.js HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:12 GMT
content-type: application/javascript
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 365
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
217.182.228.53200 OK 60 kB URL HTTP/2 i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
IP 217.182.228.53:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 01:22:38, width=0], baseline, precision 8, 338x600, components 3\012- data
Hash fb0ba7bf741eeab4579c36896e874ff5
9b42c554961b7fa611a261822b10cb85475b6e02
cbb055eb75ed51a2cd95e0647bab4d9e1bbdfad39ecce855465abef9a983d6f7
GET /w4bp4C1/IMG-20220830-012332.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: image/jpeg
content-length: 59475
last-modified: Mon, 29 Aug 2022 17:35:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 462735
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freegiftmobilelegends22.work.gd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:23:43 GMT
expires: Thu, 21 Sep 2023 20:23:43 GMT
cache-control: public, max-age=31536000
age: 88830
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freegiftmobilelegends22.work.gd/static/img/logo.png
20.189.78.99200 OK 3.1 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/logo.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 143 x 57, 8-bit colormap, non-interlaced\012- data
Hash ade52d82cc35a17e99ccbb20439cbcbc
9f700e422c6a803a4aefa816a2d9ea2640c17547
18cabba213026d1cfdb15168bd00de62a36dd0705aeff0e3274292ebb9d39384
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/logo.png HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:12 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 3110
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/1.jpg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/1.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x270, components 3\012- data
Hash 6bdafba8b4be45ebc808ada032e5892d
77c8e76b77f0367d59c4530313f34282e5e1e89f
930e1b3f4826f0e907f7e619405b0e1f22f9334ed14a65af13ca1b0fa8ffb2a5
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/1.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:26:53 GMT
accept-ranges: bytes
content-length: 12117
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 21:03:04 GMT
expires: Thu, 22 Sep 2022 21:18:04 GMT
cache-control: public, max-age=900
age: 69
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.226302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 22 Sep 2022 21:04:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freegiftmobilelegends22.work.gd/jabes/2.jpg
20.189.78.99200 OK 11 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/2.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x268, components 3\012- data
Hash c90ffbab6f77dc72dd0f700b7b393583
5759f94da7133ded80829fbbd74545aec8e08767
4930b40e8e2dbdd7ec33b887123328514ec1aaf6a0264aae7745689507796048
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/2.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:27:19 GMT
accept-ranges: bytes
content-length: 11192
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/3.jpg
20.189.78.99200 OK 9.0 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/3.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x269, components 3\012- data
Hash 60d750b421b89aa2313d184fcf094b7d
eac5212fb8bf7b7bef1599a106b93b6b6c62e445
f5712248a6e5777a0cf3bf3c9c39cec914167ffd803d7c16ef2f0456415f7d9a
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/3.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:27:25 GMT
accept-ranges: bytes
content-length: 8971
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/4.jpg
20.189.78.99200 OK 10 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/4.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 164x270, components 3\012- data
Hash 509b677d65fb7f1039c4df9f0b62f088
1db73c62f220cba650d5667abff5808f4247d115
034fb410f7fe0e639129377082faed19736d0197f21d7ef994827936af04f733
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/4.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Thu, 04 Aug 2022 08:42:22 GMT
accept-ranges: bytes
content-length: 10361
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/gg.jpg
20.189.78.99404 Not Found 1.2 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/gg.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/gg.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/chou.jpg
20.189.78.99404 Not Found 1.2 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/chou.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/chou.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/7.jpeg
20.189.78.99200 OK 15 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/7.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x338, components 3\012- data
Hash fa6f89590fa29d956b348eab35c10e32
594d0b64f1390dd8de4a069ea9743814969d3aa5
df18c8af2cb52fd9d34bedb9d77021d16311c6b53f17a61e99f9446fa0de5813
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/7.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 14591
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freegiftmobilelegends22.work.gd/static/img/skins/8.jpeg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/8.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 204x340, components 3\012- data
Hash 668564e4473038f448976765df11af0d
8933a2ba272e2df2f25572d2b3c908dbf3fc2d22
32f800cf39608715be8f8737eeaf8783121d7279c56dcac21fdf5095426dde92
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/8.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11717
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9ff5344c1e37c3d1e182fffdea8379a4
4811e8e8865ed307f5549f40225665e6a163715e
0c16409a94f9536a8d43d585edc3d917630d7a38985a3747a109646808d7e738
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 21:04:13 GMT
server: ESF
cache-control: private
content-length: 30772
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36059)
Hash 653ca66c61b84cbd83869ee18f017d75
90a6545ff9e57c4b7aead2902a6b490020062f8d
9a2bb3e8ba9e5b19e7d5ceef273a3ef848af3472f0e779f6764037e78dfdccea
GET /js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:09:23 GMT
expires: Thu, 21 Sep 2023 05:09:23 GMT
cache-control: public, max-age=31536000
age: 143690
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.9 kB URL HTTP/2 yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 23fb59dbdd6b7dc76cd71088fecb56be
2c0ed5d42d5651037c27f7a070e3935aba026534
c0bd67f0c5c74150fcaf4f174c8133fc74ef2d2340b548974126612096e9c7c9
GET /m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4909
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:55:13 GMT
expires: Tue, 21 Jun 2022 08:57:50 GMT
cache-control: public, max-age=86400, no-transform
age: 540
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
52.76.96.242403 Forbidden 169 B URL HTTP/2 pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
IP 52.76.96.242:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3944b69d2e5ed0868bbe4fdcd35e6773
cc891b47510aaaec347a5880913f720b4f13db4a
28379c5f15ea5ffb7fda52f940cf73555f02b2d7e4f20032633b98ac079621b5
Analyzer Verdict Alert fortinet Malware
GET /VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512 HTTP/1.1
Host: pht.qoo-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx/1.12.2
date: Thu, 22 Sep 2022 21:04:13 GMT
content-type: text/html; charset=utf-8
content-length: 169
x-frame-options: sameorigin
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/1.jpeg
20.189.78.99200 OK 14 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/1.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 127x125, components 3\012- data
Hash c3f23c759474b52b605376efbc3358ca
8aa3921a9d9996aa58400f7789c1b3a8d6bef993
bbfc84c4fbf2b869a000a32099492c9978c23d3a80695805c2c9fc8678b256d5
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/1.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13882
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/2.jpeg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/2.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x130, components 3\012- data
Hash 89dd611dc90e68c564dd9a332a461c40
6fa24fa9061cb2a6f0b5424854e4de35600ae2f5
1e714f2533ca0e0913503199304bc6ce466ec054705866c2ae340fe596ad4d05
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/2.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12408
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/3.jpeg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/3.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 124x127, components 3\012- data
Hash 943b4a00399dc4e693e4931cf33bef96
df0216e09753f2d2ca2efe7e5baa4b600308d020
de0441e81786232488b2a73e9c56e78040cdd2f9adf82dcda25f4e9d166fd925
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/3.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12468
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/4.jpeg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/4.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x131, components 3\012- data
Hash ed0142f6c936e02fa902084dfb20d32f
a551891b9b27510ad06787329490b9614875519c
292e4dab178b1ff88f05e2cf3060f3ff3af4eb09d22d8b70e19b5c4cce119c6e
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/4.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11944
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/5.jpeg
20.189.78.99200 OK 13 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/5.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x135, components 3\012- data
Hash 110de4b3386b174aa91799da526a5fa4
ca04da5930727af1dbcbe934b42dce6fe170fa72
567c71f609014824e4e9d15baccf60508b5a6fd9c32b89f4809b3f2d9dcd61f1
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/5.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12875
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/6.jpeg
20.189.78.99200 OK 14 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/6.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, components 3\012- data
Hash 8d8317eea9213928e3c0319cf237e8ab
34073433e542bfcae6c627a09796828e6b2758f0
5eee23e2ba4c13b2a0d20266aa99d61d20f41725365760f63821ceaf836914b2
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/6.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13578
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/7.jpeg
20.189.78.99200 OK 10 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/7.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 123x125, components 3\012- data
Hash a45314cdf40507ef02c3ee779d608aca
bece15ef6fcb3339a5c9d32545a49d883ced5299
fb91a9fbfacfb720ffe9403476f8f0320cb6387492413191ef944555579dbe31
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/7.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 10538
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/8.jpeg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/8.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 135x131, components 3\012- data
Hash bb3a6821a831388426333e7ff7c21b93
9b3ed817773e8a3cc88e7a7493855b0a68525444
afb9170b3c58fb81966bcf994426ada17c689040546525719b51b527bf4bee06
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/8.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 12391
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/9.jpeg
20.189.78.99200 OK 12 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/9.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x125, components 3\012- data
Hash 12b66031d66c51b1861e2e964def545d
78e00bc755458b2662979fab06e3aeebeb5abf1c
336abc805d5ecf4e7b22df535cf7ccbedb2e0f7e4a8a78d2d5f67a3fa0f9ce02
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/9.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 11893
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/borders/10.jpeg
20.189.78.99200 OK 14 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/borders/10.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 129x123, components 3\012- data
Hash 5594fba93fa048c23b78ab94585d2c06
13ce3970dfd6ff588fc50fb18cf09f5016d9daf7
682d7221d4009f85742bf6e94480a7c7b552e26cec03f8bff41e5406d48dd39f
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/borders/10.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 13776
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/02.jpg
20.189.78.99200 OK 30 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/02.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 145x257, components 3\012- data
Hash 4fae539b14c385cde860b007c4d2b3fa
a442c48e83af5cbc8bf67c177f1e71d1b84e705c
cc0a71bc85a0d6dc6fa1ff4eb163f4efa35e9eeca14f8405f3823d784ddc1b24
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/02.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:51 GMT
accept-ranges: bytes
content-length: 29618
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/03.jpg
20.189.78.99200 OK 27 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/03.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 148x260, components 3\012- data
Hash 16df2a4c7f71de466f66837d577e7dd2
d38e80ae6ee5dd22cb9406c43e2bb7b2e7339fd7
c4cc742ae92b2b40477417090046abdce40cdd4fe06b1ce01517333066f5e14a
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/03.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:54 GMT
accept-ranges: bytes
content-length: 27173
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/04.jpg
20.189.78.99200 OK 26 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/04.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 150x259, components 3\012- data
Hash a4e7f9f345de741267674ac39cd80720
809c6543a8761be30b05a8b1b2259664139cf933
67e5afd8ff28ec8e7a10a7da249feb3a1e822f91dae26aae6dc6873c8229abb5
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/04.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:59 GMT
accept-ranges: bytes
content-length: 25550
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/3.jpeg
20.189.78.99200 OK 32 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/3.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:46:04, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash a821cb25aedb8f21ee5c03373f8c6204
b9da5997bc68fd683f3d37472f7a195c3768e5a8
4cc8564668053a9c742519471135bbac27debac4b6973ac3acebace82b545740
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/3.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 31966
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/6.jpeg
20.189.78.99200 OK 17 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/6.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x340, components 3\012- data
Hash e5da1e2012e6d30a5a7e200a1082d861
09f77c3bcf56cb03d003d1ee9b2aa579d9ea4186
ad04ea1d3edf662dfb76489ccbc8879b070747697f5da08ebdf2fefa6b858ab0
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/6.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 16900
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/4.jpeg
20.189.78.99200 OK 32 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/4.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:45:50, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash 532de4ebbd562ab3608324f1ea71c9fc
07d647d6d682277cab99464c62084a83864fcfd2
8c713e3f2eec756fe2be399b64a26fee2ce9699c09907ab84e011d760e187f9b
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/4.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 32183
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/12.jpeg
20.189.78.99200 OK 36 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/12.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:47, GPS-Data], baseline, precision 8, 189x343, components 3\012- data
Hash dcdc088e8f7fb04bbb9820f35b0fd2b0
2b16826763293304421cf7703a9eb493ad6a125f
517619ca5c8d4db6bc0133e6e7a493bebfd3cc5ab8c13d0d5057a64c677bf8a0
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/12.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36471
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/13.jpeg
20.189.78.99200 OK 34 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/13.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:34, GPS-Data], baseline, precision 8, 188x308, components 3\012- data
Hash c27db983a51a794b36da8c05b5666e63
6a5d9710651b38c7de3f130d10537bca214955f3
c625eab36994864ee26e6c57ddede1b5a3b3bf7fdac31b2160de1bb6fa91a68a
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/13.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 33463
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/16.jpeg
20.189.78.99200 OK 37 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/16.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:25 09:42:21, GPS-Data], baseline, precision 8, 207x334, components 3\012- data
Hash b0e4b1911e83beec214d12ffc244a85e
be31911792f61503fd1ecf3d20e96f0cd0bab365
e1773d3bd72c93e893f9629c37878f2c2b8d4157c5023ee7f0648df5edc016a6
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/16.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36699
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/9.jpeg
20.189.78.99200 OK 38 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/9.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 163x267, components 3\012- data
Hash 0669b7019bc06eddbd03dd49b8d02390
4f91de987444900fc5bc062cf9b7adaa4f11a879
71d715e750841ec57b2e8cc623ef77c25b4ecb9f958fa703f16353ab12567ddb
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/9.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 37838
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/10.jpeg
20.189.78.99200 OK 36 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/10.jpeg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x266, components 3\012- data
Hash f38c6a3098302151fc7189d44bb8eb23
b3e943a7c24326216c02b1fda1a10c04b44efc56
14a6a45ed5d0d4de29a998a2166a9654c08e28d4ec53651b7f9037fa45dd0364
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/img/skins/10.jpeg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 36512
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/000.jpg
20.189.78.99200 OK 65 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 00:57:21, width=0], baseline, precision 8, 226x376, components 3\012- data
Hash 696ed59187ba381773d4489010c867c9
24912f17cee9784a03a2792384b3715b99dfb6ca
de7bee49980a1bd6f55fbe498966fb6b71daeda09edaba69f2b1f5a5d67c2b96
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/000.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Mon, 29 Aug 2022 17:34:50 GMT
accept-ranges: bytes
content-length: 65170
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/2newc.jpg
20.189.78.99200 OK 71 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/2newc.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:11:13 10:36:12, GPS-Data, width=0], baseline, precision 8, 233x345, components 3\012- data
Hash 373429187851e808386569195d205f39
c5bafb63e19dac26dc1022e392145a31a24ff53f
b32e5ecdf802d2b19ab9753e42213146931b2a1969d876fbd3500598e54a7e0b
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/2newc.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 71090
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/2new.jpg
20.189.78.99200 OK 79 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/2new.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, baseline, precision 8, 204x338, components 3\012- data
Hash bb0d2324852a75596459207141b8e7cf
66e73ffad47e43c4b94d8051b3d526629218d3de
2a8bf990df2caed939e832d38e44f8f3a916a537cbc6118af0e1cfb2b92778bf
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/2new.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 78700
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/2.jpg
20.189.78.99200 OK 58 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/2.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:10:14 14:07:10, GPS-Data, width=0], baseline, precision 8, 211x342, components 3\012- data
Hash 1cf7efd64ad6cc1439c3539cc20fbc84
296485c7d4c0907843e717c1454ffb2150f20c39
4cb41fdd49332ca98fa3b95cb11dea46f2ea4a92dba60e2563d71b327cc66543
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/2.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 58389
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/dm/5000.jpg
20.189.78.99200 OK 82 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/dm/5000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash c890d2d8fabf64205bd762858235f7ab
de805d94df0985d9500905318002589a3c5c3706
e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/5000.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 81805
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 21:04:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0265bcd6a62aea0abae06601e4e9491f
5eabbb3b0ed14f82cb3049c8208d639004922fc6
f273a15942a8c69e6eb6141b644e7f8e53290af571fb8aa9caa6897c8a7d46b5
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 842
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 21:04:14 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f328c09668a75920e6ce55f716b757
9d54c45a3444089553efeb490bea05d3fb3d380b
a871d006869790c7a7bdf599baad1ccbf00e86b2590aec3263a3a5b26937ae0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f328c09668a75920e6ce55f716b757
9d54c45a3444089553efeb490bea05d3fb3d380b
a871d006869790c7a7bdf599baad1ccbf00e86b2590aec3263a3a5b26937ae0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
142.250.74.54200 OK 38 kB URL HTTP/2 i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7cb67e1362d8ea77b65fffecee36326f
de14ecf39e3164e689e1b9e0c19d35c197b26caa
a107b245b70d9fed5d261bbf182b47a1bda695fc01fe5b3a9c92b8d784521875
GET /vi_webp/Acv5oGFllDs/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 21:04:14 GMT
expires: Thu, 22 Sep 2022 23:04:14 GMT
cache-control: public, max-age=7200
etag: "1661507883"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/dm/2500.jpg
20.189.78.99200 OK 81 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/dm/2500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 8f66c7a0904e304b14cd3cbbd31eafb8
92d81b84c9554f8ac5c1a85f21ded1659e709287
8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/2500.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 81165
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/dm/1500.jpg
20.189.78.99200 OK 70 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/dm/1500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 71fdfc59ac4b79cd315f750e2f4d6dbd
12d5c30c5832d81d20f71575a480b696441b6ba8
a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/1500.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 69616
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/dm/1000.jpg
20.189.78.99200 OK 64 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/dm/1000.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 2f3a912fb5a0576b7884466a499d546a
c5f08eeee75a0d0ebfd8f887f7b43939c7578df8
6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/1000.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 63898
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/dm/500.jpg
20.189.78.99200 OK 64 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/dm/500.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash a5ad315a073e74e09b2d4d8294f15a94
57f386aa235168725dedfab8763bfba9a9e77fe4
32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/dm/500.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 63592
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/kof/6.png
20.189.78.99200 OK 118 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/kof/6.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 118 kB (117996 bytes)
Hash c8cf836eebc8bd0d7d29f56d1e4fae8c
1daa116901e043b2d97f68a5483451b3da1bf68e
e65f73ce0ba58ef5d687d3e0ddfb9e65d2681f8e4175519f5303632f57103192
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/kof/6.png HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 117996
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/kof/4.png
20.189.78.99200 OK 109 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/kof/4.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 109 kB (109303 bytes)
Hash 41e8948125d3fe59c6972d5b12939453
c31f4fefebf281f4f0ebaeb40f11324412d5287b
f0cc7c414d92a31d68ab3b38e78b463098946fad4c5f62eaa38c393d4782f435
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/kof/4.png HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 109303
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/kof/5.png
20.189.78.99200 OK 113 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/kof/5.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112990 bytes)
Hash 8ebd1c2e91fe2a579c51e002b9fb5ebf
b1f6838a5728e92a44d18dcf9593824c5d7dfcb3
9c88d54f5dea3dcefa99feb9a724aafac3065ba23b2e17ff9fa5851231524bc8
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/kof/5.png HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/png
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 112990
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/skins/1new.jpg
20.189.78.99200 OK 83 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/skins/1new.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, baseline, precision 8, 208x336, components 3\012- data
Hash f42415aa51283f8556c4d3682802e4ab
18e99d8f5ac756876a26a96fc800680555eb7b8a
03f93970ab1710a1abca976673b7195c7601fe2e253132ed8d45b97dc94fd626
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/skins/1new.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 83305
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/jabes/01.jpg
20.189.78.99200 OK 156 kB URL HTTP/2 freegiftmobilelegends22.work.gd/jabes/01.jpg
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:32:47, width=0], baseline, precision 8, 402x656, components 3\012- data
Size 156 kB (155520 bytes)
Hash 6e34331b2e7768b9a3e25e3bfcf7ac67
61b4ee57783e94ce7f798eaacc3cbccdede67d96
3ff48fd457ecfda559d4617bea1a3aeca2a0b0ca8059bbc1060aa8bb1b56e6e2
Analyzer Verdict Alert openphish Mobile Legends
GET /jabes/01.jpg HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/jpeg
last-modified: Sat, 13 Aug 2022 19:35:48 GMT
accept-ranges: bytes
content-length: 155520
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/sound.mp3
20.189.78.99200 OK 1.1 MB URL HTTP/2 freegiftmobilelegends22.work.gd/static/sound.mp3
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/sound.mp3 HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: audio/mpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
accept-ranges: bytes
content-length: 1104524
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f328c09668a75920e6ce55f716b757
9d54c45a3444089553efeb490bea05d3fb3d380b
a871d006869790c7a7bdf599baad1ccbf00e86b2590aec3263a3a5b26937ae0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freegiftmobilelegends22.work.gd/static/sound.mp3
20.189.78.99206 Partial Content 1.1 MB URL HTTP/2 freegiftmobilelegends22.work.gd/static/sound.mp3
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET /static/sound.mp3 HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Sun, 27 Feb 2022 04:58:42 GMT
content-range: bytes 0-1104523/1104524
content-length: 1104524
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/boxOn.png
20.189.78.99200 OK 603 kB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/boxOn.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1280 x 481, 8-bit/color RGBA, non-interlaced\012- data
Size 603 kB (602563 bytes)
Hash 510f616bc35a268f24ce98d15f9a2429
bf674acfde2279acf8e2d103f52a78d64f718604
f8cdd47205cd93c5e0b7b47611ae2c5c33100a1593039fe271efe2df3eeec4a6
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/boxOn.png HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 17:50:08 GMT
accept-ranges: bytes
content-length: 602563
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663902253&ei=zc0sY7b2NYGR7ASBu4iADw&ip=91.90.42.154&id=o-AHf4dU9V0szHApOZCbRvk_j1JoLbc_unyxl-6HkboWud&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1683750&spc=yR2vp2HiOM1moSYSRSFkfSCG8W5m6a8&vprv=1&mime=audio%2Fwebm&ns=DAYiiniedd8F-5MLQUJ-CnQI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1663880250&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=FN75RJio_NWHDg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPtl51hLI0_EKH8GMsstXowIg5ytFr2xJofpeBRRR7DkAiApHqX6IX8CsXd7vcazUvVx_vZlcw-hLlLsG2glTjqn5A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq-MyKS_Fb8_VYjcVDdIag8iA4Vuw2nlUrCdDrWeeF9AiEA8gP3qBCI8bViqcXLCNXPeP9yGnvIeJePoyNKVTVtzrg%3D&alr=yes&cpn=dYQqx-P1CWk6KINa&cver=1.20220920.01.00&range=0-65934&rn=2&rbuf=0
91.90.45.173200 OK 66 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663902253&ei=zc0sY7b2NYGR7ASBu4iADw&ip=91.90.42.154&id=o-AHf4dU9V0szHApOZCbRvk_j1JoLbc_unyxl-6HkboWud&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1683750&spc=yR2vp2HiOM1moSYSRSFkfSCG8W5m6a8&vprv=1&mime=audio%2Fwebm&ns=DAYiiniedd8F-5MLQUJ-CnQI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1663880250&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=FN75RJio_NWHDg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPtl51hLI0_EKH8GMsstXowIg5ytFr2xJofpeBRRR7DkAiApHqX6IX8CsXd7vcazUvVx_vZlcw-hLlLsG2glTjqn5A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq-MyKS_Fb8_VYjcVDdIag8iA4Vuw2nlUrCdDrWeeF9AiEA8gP3qBCI8bViqcXLCNXPeP9yGnvIeJePoyNKVTVtzrg%3D&alr=yes&cpn=dYQqx-P1CWk6KINa&cver=1.20220920.01.00&range=0-65934&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 30291d76b7807a3f14a79b7a0b356c12
de296641a599d4c1186984218532c7c23af93224
7204bdf9d76106267e9654c99e1edd1f729fd4805244ca1d3522a0fd7c51d39d
GET /videoplayback?expire=1663902253&ei=zc0sY7b2NYGR7ASBu4iADw&ip=91.90.42.154&id=o-AHf4dU9V0szHApOZCbRvk_j1JoLbc_unyxl-6HkboWud&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1683750&spc=yR2vp2HiOM1moSYSRSFkfSCG8W5m6a8&vprv=1&mime=audio%2Fwebm&ns=DAYiiniedd8F-5MLQUJ-CnQI&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1663880250&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=FN75RJio_NWHDg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPtl51hLI0_EKH8GMsstXowIg5ytFr2xJofpeBRRR7DkAiApHqX6IX8CsXd7vcazUvVx_vZlcw-hLlLsG2glTjqn5A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq-MyKS_Fb8_VYjcVDdIag8iA4Vuw2nlUrCdDrWeeF9AiEA8gP3qBCI8bViqcXLCNXPeP9yGnvIeJePoyNKVTVtzrg%3D&alr=yes&cpn=dYQqx-P1CWk6KINa&cver=1.20220920.01.00&range=0-65934&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 11:57:35 GMT
Content-Type: audio/webm
Date: Thu, 22 Sep 2022 21:04:14 GMT
Expires: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65935
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663902253&ei=zc0sY7b2NYGR7ASBu4iADw&ip=91.90.42.154&id=o-AHf4dU9V0szHApOZCbRvk_j1JoLbc_unyxl-6HkboWud&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1683750&spc=yR2vp2HiOM1moSYSRSFkfSCG8W5m6a8&vprv=1&mime=video%2Fwebm&ns=DAYiiniedd8F-5MLQUJ-CnQI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1663880250&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=FN75RJio_NWHDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKrZ4gOI3rLxhO2oCECPXHB4GBCq0fqUN2Bp1syLXgZgCIQDFJNOmF3ChKv8aDApK8NG7N9AISDfbX2QaZ20eVnHwEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq-MyKS_Fb8_VYjcVDdIag8iA4Vuw2nlUrCdDrWeeF9AiEA8gP3qBCI8bViqcXLCNXPeP9yGnvIeJePoyNKVTVtzrg%3D&alr=yes&cpn=dYQqx-P1CWk6KINa&cver=1.20220920.01.00&range=0-124752&rn=1&rbuf=0
91.90.45.173200 OK 125 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663902253&ei=zc0sY7b2NYGR7ASBu4iADw&ip=91.90.42.154&id=o-AHf4dU9V0szHApOZCbRvk_j1JoLbc_unyxl-6HkboWud&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1683750&spc=yR2vp2HiOM1moSYSRSFkfSCG8W5m6a8&vprv=1&mime=video%2Fwebm&ns=DAYiiniedd8F-5MLQUJ-CnQI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1663880250&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=FN75RJio_NWHDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKrZ4gOI3rLxhO2oCECPXHB4GBCq0fqUN2Bp1syLXgZgCIQDFJNOmF3ChKv8aDApK8NG7N9AISDfbX2QaZ20eVnHwEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq-MyKS_Fb8_VYjcVDdIag8iA4Vuw2nlUrCdDrWeeF9AiEA8gP3qBCI8bViqcXLCNXPeP9yGnvIeJePoyNKVTVtzrg%3D&alr=yes&cpn=dYQqx-P1CWk6KINa&cver=1.20220920.01.00&range=0-124752&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Size 125 kB (124753 bytes)
Hash ae4863f2e947cbe2de436123533aa0b3
21f3f54a95343bdd2977144810dd956eb584c620
0f2cf1134d6df2f6e38118d27885f55bd992555d426babdf46cb3d1bf30f6f01
GET /videoplayback?expire=1663902253&ei=zc0sY7b2NYGR7ASBu4iADw&ip=91.90.42.154&id=o-AHf4dU9V0szHApOZCbRvk_j1JoLbc_unyxl-6HkboWud&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1683750&spc=yR2vp2HiOM1moSYSRSFkfSCG8W5m6a8&vprv=1&mime=video%2Fwebm&ns=DAYiiniedd8F-5MLQUJ-CnQI&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1663880250&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=FN75RJio_NWHDg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKrZ4gOI3rLxhO2oCECPXHB4GBCq0fqUN2Bp1syLXgZgCIQDFJNOmF3ChKv8aDApK8NG7N9AISDfbX2QaZ20eVnHwEQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJq-MyKS_Fb8_VYjcVDdIag8iA4Vuw2nlUrCdDrWeeF9AiEA8gP3qBCI8bViqcXLCNXPeP9yGnvIeJePoyNKVTVtzrg%3D&alr=yes&cpn=dYQqx-P1CWk6KINa&cver=1.20220920.01.00&range=0-124752&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 12:32:26 GMT
Content-Type: video/webm
Date: Thu, 22 Sep 2022 21:04:14 GMT
Expires: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 124753
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4b4d862ff620a280f30bb70f595305d8
4dc5bda7a8e489e0791e678ad95050fee092988f
9b5d56d0c7204d221a2d3bb88d44ee5e8a8fd37d8e294bd6bfd78cca56cf9d86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4168
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4168
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4168
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4168
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4168
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 84592
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
age: 82371
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 82091
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 84592
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 18:56:48 GMT
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
age: 7646
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: itH-GLLUay6dtfjGStUDeT3wOwVf-S3tWSY31HjriEFaRUiD8aFKNw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:06:02 GMT
age: 14292
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/static/img/card.c777c1a0.png
20.189.78.99200 OK 1.2 MB URL HTTP/2 freegiftmobilelegends22.work.gd/static/img/card.c777c1a0.png
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 850 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1178525 bytes)
Hash f61a082b230f98bcd23879c9fa7f92d5
3f54c318324a9ed2a5c4ec4521d359b4e3ccef62
1c1992ca0652089198af657792f6f23513c93c7788b1cc433a2c5c77da83e0fc
Analyzer Verdict Alert openphish Mobile Legends
GET /static/img/card.c777c1a0.png HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 21:04:13 GMT
content-type: image/png
last-modified: Mon, 29 Aug 2022 17:50:42 GMT
accept-ranges: bytes
content-length: 1178525
date: Thu, 22 Sep 2022 21:04:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 269473172e9be45c13e0ed54106d42f6
2c9f099fe32c298edbdecaa119113436c5e27fa1
deb1848c6d81b7dc3b3c6674ce45fd2f75037fe8d32b4812d44f48fca6e25567
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3811
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:14 GMT
Last-Modified: Thu, 22 Sep 2022 20:00:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313
i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
104.18.15.176200 OK 29 kB URL HTTP/2 i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
IP 104.18.15.176:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 9099099d9d7683a1f7df4c453a3b5250
8a5c119fa1bbfaa30e73b899a7cc2f3e6b307162
6015be6edadd8c2d0e36d1d91b3235986f11e9f42379a3faffe4737b80b37413
GET /originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 21:04:14 GMT
content-type: image/jpeg
content-length: 28766
cf-ray: 74edfdec3d810b31-OSL
accept-ranges: bytes
cache-control: max-age=31536000, immutable
etag: "9099099d9d7683a1f7df4c453a3b5250"
vary: Origin, Accept-Encoding
edge-start: 1663880654758
origin-latency: 124
x-cdn: cloudflare
server: cloudflare
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9327406
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74edfddfd831b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
216.58.207.206200 OK 0 B URL HTTP/2 www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
IP 216.58.207.206:0
GET /embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 Sep 2022 21:04:12 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=nHV6VW9r5lk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=kI6p2X9VEgc; Domain=.youtube.com; Expires=Tue, 21-Mar-2023 21:04:12 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+205; expires=Sat, 21-Sep-2024 21:04:12 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.postimg.cc/fyJcLQjr/1650272368820.jpg
162.19.88.68200 OK 0 B URL HTTP/2 i.postimg.cc/fyJcLQjr/1650272368820.jpg
IP 162.19.88.68:0
GET /fyJcLQjr/1650272368820.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 105367
last-modified: Mon, 18 Apr 2022 09:00:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.10:0
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 21:04:13 GMT
date: Thu, 22 Sep 2022 21:04:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
freegiftmobilelegends22.work.gd/
20.189.78.99200 OK 0 B URL HTTP/2 freegiftmobilelegends22.work.gd/
IP 20.189.78.99:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert openphish Mobile Legends
fortinet Phishing
GET / HTTP/1.1
Host: freegiftmobilelegends22.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 21:04:12 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
162.19.88.68200 OK 0 B URL HTTP/2 i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
IP 162.19.88.68:0
GET /G2M4RvBJ/Legend-Guin.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 102924
last-modified: Tue, 26 Apr 2022 05:28:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
162.19.88.68200 OK 0 B URL HTTP/2 i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
IP 162.19.88.68:0
GET /W3vX7c5g/IMG-20220513-160904.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freegiftmobilelegends22.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:12 GMT
content-type: image/jpeg
content-length: 75848
last-modified: Fri, 13 May 2022 12:23:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2