| gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top | 104.21.234.219 | 301 Moved Permanently | 0 B |
URL: HTTP/1.1 gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top IP: 104.21.234.219:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| NIDS | Severity | Alert |
| suricata | medium | ET INFO HTTP Request to a *.top domain |
GET /sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 17:17:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 01 Feb 2023 18:17:52 GMT
Location: https://gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8edN7Ajcwznjp55kwNkfVpK%2Feoq3TolrIjUmuvcqo13aGs7oz3yH%2BTJKJuJA2XtliIwj3RZf2acGR6f2V%2B3ldxxwtMBT8FR3A1vYbx8D5rAGxFFL2TbtRE0EfelL%2FCBji4bSXFV9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792c57d2bc4776d5-LHR
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: d2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Wed, 01 Feb 2023 18:16:18 GMT
Date: Wed, 01 Feb 2023 17:17:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 62de35a6c8e4efd7633fc5236b5b086f 6a92912a86dfcd0330d040cef06bef36889c76ab ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5302
Expires: Wed, 01 Feb 2023 18:46:14 GMT
Date: Wed, 01 Feb 2023 17:17:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: a8d45deaa7ebfcd996c2055dae592ab8 55befe074589fe7b39757c145968058162a8fc6b 50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20753
Expires: Wed, 01 Feb 2023 23:03:45 GMT
Date: Wed, 01 Feb 2023 17:17:52 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 16:43:25 GMT
content-type: application/json
age: 2067
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4woT9WeOYImUHdxih9iXdfhBl2VBxNgHbEBOYx0bEfg9ihYDBdJhllK9+3k1UeazB7cJzgE6Ei4=
x-amz-request-id: S3X4YGAF6GJR0283
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 16:22:44 GMT
age: 3308
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 17:17:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: 9e3bfe1e0c7a0971e8dd0434918e89ff 8d727ff2b85372c7266407d4c9bfa782664b10fe 65b27aae9563a0327897aaf21b9202e981eab247673d0dd59b806367ca740ef8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159923
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:52 GMT
Etag: "63da6c73-117"
Expires: Fri, 03 Feb 2023 13:43:15 GMT
Last-Modified: Wed, 01 Feb 2023 13:43:15 GMT
Server: nginx
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 16:49:05 GMT
age: 1728
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/trophy.jpg | 104.21.234.219 | 200 OK | 11 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/trophy.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 276x276, components 3\012- data
Hash: 8e4c1ba9f0874a6a954cf0049b97b99e 2f04b63303ab930d291b2b8efbf92e1c42128501 41fd835af982f40043cd15cea0c03c558e39f4db87c18349157f83a7e5443d76
GET /sweeps/ww/money1/trophy.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 10902
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-2a96"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKlRs%2BlMtlJIkwAfkSFbjEtuKIRypwlfPjxq25VMBhvUsMSbkdIUgQxY5VZsR1sYjdMX3Pm%2FdM7Ue1vobTPjfhDfcpcEoka4RW%2BTWJ90bKG1xX6sy47HYoqn7Qg%2BHeGw4cE2X8ki9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fd823dd-LHR
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash: df4a6d84addba49571d9f6ae44c61a3f 28c8093de27e27645cf6dfd5ae93a62fc77b9be5 cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gift5862.giftsys.top/sweeps/ww/money1/_style.css | 104.21.234.219 | 200 OK | 43 B |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/_style.css IP: 104.21.234.219:0
File type: ASCII text, with CRLF line terminators
Hash: 99cc0edbf9654ac217ccee98b0d34752 90a9817ba6fadb0e83cac657ffda61559b6d7c79 acbff103bc569ecd727168c0037d9b406f40d5d4916104e91bad0a8355eb200e
GET /sweeps/ww/money1/_style.css HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/css
content-length: 43
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-2b"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCWytfyLdxWbrkCH4WaDgwcTJMwqtU%2BH%2FM8kAymZ8Eh2%2BbJS01lBYQp3COr9lXd9UuFIf7tFSfg%2FFdAxjYCExL4g3YEL%2Bvc4VNBu5zKQxqM2nh6jK3p3rQ%2FDS1iygZ5PU7Pel47yrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d80fbc23dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_initial_s.jpg | 104.21.234.219 | 200 OK | 751 B |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_initial_s.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: e8c1454c15c6596bb21d99f4d907f632 60e15b6db64c05951cfdafafe7bf75309f8e8e3f 7125f531b9cdb3ef75f1b5b608b974f492794764638bfe482c4b4c5083acbcdb
GET /sweeps/ww/money1/winner_initial_s.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 751
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-2ef"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZc9438W3FqEkHIOKocxm%2Bq0IhB%2BiQ8WSw%2FBVMxNOES2UbhBZ5kBisqbiZafltqD2EIiI1s1JdBb1Tx%2Bgj2weiWCgBbEjAWHv87TfRGx2xYMoHkKPwy7Amh06VrquskH2BUfLkuBmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8380023dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/loading4.gif | 104.21.234.219 | 200 OK | 7.9 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/loading4.gif IP: 104.21.234.219:0
File type: GIF image data, version 89a, 50 x 50\012- data
Hash: 2b19ca3439b94b7a398b56ea9b5afa49 d132175327753974c4b00e47f4ee91c0cd2065fb 11894f102437796ba20a1b49a71253e51c340d5ae28ea83e7dcb6fcf9d83e2d1
GET /sweeps/ww/money1/loading4.gif HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/gif
content-length: 7916
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-1eec"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6sznniAbNpuhqKrw0fXd%2F9bmPdpToGDl0QcJ%2FEU03DptJX%2FaWiMrgzoSL2aza6e8Msm5G2IyopSDJ6nuPlSh5Xez82ZsF%2BW%2BLsjbNIT4puqWHGrNemfdvFacjQki46%2FpmrBnwjyKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fc723dd-LHR
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 | 216.58.211.3 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 IP: 216.58.211.3:0
Hash: 2f5ef18ec8d6b2f31a42ac41712f430f 9b0bb917d932d00147f228dbff2a252922e11f0c dc31626f7bf9cedcbc69500b162ed3924057fa113b230da887a41f8ea4d1b127
POST /s/gts1p5/3mwjESxOeZ8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_2.jpg | 104.21.234.219 | 200 OK | 1.9 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_2.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 0751077bb39eb354771c0918dd4651a2 268d37063c02ed09405d1ea8f820e1b5c8fb8185 acad01dcfdc01b98f69db941ca21c784835aa118c53025dc8006705e49145da7
GET /sweeps/ww/money1/winner_2.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 1856
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-740"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOuiO8lGxSP%2B4c5S3wd7Ke9TQESlfMAeLdvbfpkztaYtpGdVdBs2rzN%2F3lZGq7PFxE4%2BrPDddYnruQBkA7R421l0CABW2DW2b705bCw9wEyiSZrYc5UuxZwGIPj1z6B9rweV4WUmEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d83ffe23dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_cat.jpg | 104.21.234.219 | 200 OK | 1.0 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_cat.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 586953c813e39497f516293ec3ae83ff fb71c1bc210cc6870e9a274b1500216b0cecef9c 0e6817ce05601aedf3fc3429a5ae05838697d805c544bce308d33260406d780e
GET /sweeps/ww/money1/winner_cat.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 1025
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-401"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tei0zZux2aEznMZAoPrmC2kHeyyEKeFxDBtmIVZKk8NebLWsFaX8rAvnIxd6L6lGIdaFbAUlSXSxfzDaD2wSmXxxyfIUQdY6utmqeElqYaGYmkKBGuoPSniu1HJt1dyITaq1qpTHBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8380123dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_3.jpg | 104.21.234.219 | 200 OK | 1.9 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_3.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 542d93d1236920a35b8f8fd54f48f96f e58911acf8504e40acb46510ff133274702769bb 9fca34a6b918e0d57a987d0b4db6fe6ea8d1a0593123f5b8083bf2bd0250351d
GET /sweeps/ww/money1/winner_3.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 1850
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-73a"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yo4NsPVQUKnUpFO37BGBKspIBeZamPbl%2Fx7oq9Xl7yGO13g0pnYG3Yydu8f3q%2BTtsRFaee9t3DpmaR56i8AVQIv1KV2CzBVLdtsbKNm8S5BUI11Ul1xVwY5wW3CLwGyYmBHhcqCwfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d83ff923dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_initial_m.jpg | 104.21.234.219 | 200 OK | 950 B |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_initial_m.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 62a261739e9a386d39d542903d5ab050 6cc87f77a580ce13068a1324b397070db3817511 669c7de8cc4685bb673f13db0b8de84fd8142005c4db680cbe35fad7b852c631
GET /sweeps/ww/money1/winner_initial_m.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 950
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3b6"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrQFysi2FIjBdDeU7GXzBYJgKPvq6LXFyu3CCME55QSwPIDjUs80idIGblrUwzcIlinbq99vr4308pz1rrS1y%2BQhoar%2B34mRjGwaJ5AS8BIjrwD2Q4msYAj4nU0oa9q5edaXz8gU9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d82ff323dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_initial_r.jpg | 104.21.234.219 | 200 OK | 807 B |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_initial_r.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 3c777668dafeeb70ccc712b2772d7bc5 c896b95b8de6a5773f805862b7eda76afdcee5bf 7fbbaed15a8beaf623f6eaab8c739875e3f90dd929e09a03bcdb2327e486c438
GET /sweeps/ww/money1/winner_initial_r.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 807
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-327"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssTRL3m%2FcavDXyiFS3LWolZ6mO9pyEr3iZ%2B%2FgytHWjz84rAajoCT3F4%2Bt8uMn%2FJWcKYnZVUN%2BqtFr0T2sn1fJfIii2yBP2kQkwwnkja0VsHuYpNvf3iiP7OmQwuG2uhBw27s4JDENA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8380523dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_4.jpg | 104.21.234.219 | 200 OK | 1.9 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_4.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 7ba72cafb47b63a3277ff2ee2f06d7df 226f26699fcc902d78e5dd33b5f205ca94e2d3b7 7c1304a435337d677c1bb2e43007b946aea6571cacb2b12bf150676dcbd6b8c3
GET /sweeps/ww/money1/winner_4.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 1891
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-763"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXF7lHqujGrbuirJ7%2BaX2i%2BZMAa7hn4zAYp3Bd9fh%2Fbnp%2Fq7Bv3e%2Fni27%2FPN%2BVh3gRBQw6svFlJ3rmLyZiDAWMnxmy7PnJfgJwA2zozWNRjsJ6FxFnaE9zRo74uD7%2BunDmbALyymrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8380423dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_heart.jpg | 104.21.234.219 | 200 OK | 1.1 kB |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_heart.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash: 81f292ba7e2842842b40a0542e9eed61 7750065822ccdc9513eeef4e78bdb5f4a9af2c94 183d077619e792b7dca8a6aae956d4aeed36fe6d8217fad61e33fcb663ccdb85
GET /sweeps/ww/money1/winner_heart.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 1051
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-41b"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye9PGlb91JCQftD7uaY0UYZJ8epSvhVY1tFQpamS%2F6N17Ohd6b5ORYTQJnd53KiqmQDmcFvfI9P7zZN8v%2FvmLpNcFCQuUzjOZ5vQTaa94yiJn71mA5esN%2F01ETKtOiaI8wVCY%2FoN0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d83ffc23dd-LHR
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3682
Expires: Wed, 01 Feb 2023 18:19:15 GMT
Date: Wed, 01 Feb 2023 17:17:53 GMT
Connection: keep-alive
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_1.jpg | 104.21.234.219 | 200 OK | 994 B |
URL: HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/winner_1.jpg IP: 104.21.234.219:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash: a9d333f4d9a7a5d3000fd88f927f643b 08a8077440c095e8a53ea07e371b987745f4e325 3988ceb5393040608765e40cf416c71ad6657d46378f54a275091b8b1a6a218a
GET /sweeps/ww/money1/winner_1.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 994
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-3e2"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaStaLvjr7hJ50Vp6s1teQ4BTH%2FKEBEZSpMO99liSp1g7h4dOUiQat2PaaNzbndPZesl5ijUsWXWSnZlyVlRMWelTA0tIObb6XRB5v%2Fr3cHsc6vFgsD3VC6xq9S1AlsLHophl7h1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fda23dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/user.png | 104.21.234.219 | 200 OK | 2.2 kB |
URL HTTP/2gift5862.giftsys.top/sweeps/ww/money1/user.png IP104.21.234.219:0
File typePNG image data, 96 x 96, 8-bit colormap, non-interlaced\012- data Hash54f5f2e7c2c3e4eddc04cfdd5360e68d 4cbbe8136fcee8d5ae78a207eff3a5c08dce46a8 7c4575354c41980db26473d56e60e1e4e43da1cff091af0819bdc05acfea442d
GET /sweeps/ww/money1/user.png HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/png
content-length: 2208
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-8a0"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4Wy0jHMd5XaIH9Rt5fti3heWVbUasxudGMjLBphDQgwR0VIr42RxRF0TTlz%2Ft50YUDg2rc72yap1mSBK26FLHBoeWAP86VC%2B9R0rwIYbi3jPqvzsHbcORGLTD2HPMP3FVUq1Cw0qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fd723dd-LHR
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y | 216.58.211.4 | 200 OK | 586 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y IP216.58.211.4:0
File typeASCII text, with very long lines (884), with no line terminators Hash694e1ffdc57f230297faaae6f042c6ae f839d8ca1f1b681f76313f98953cc8835f4c2845 853988982ae0fb4881b1b467a6dade5bbafc94d96f4c5cc3e2b4d664b78d2357
GET /recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 01 Feb 2023 17:17:53 GMT
date: Wed, 01 Feb 2023 17:17:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/recaptcha.css | 104.21.1.180 | 200 OK | 31 B |
URL HTTP/2rs.y1h1.com/recaptcha.css IP104.21.1.180:0
File typeASCII text, with no line terminators Hashc00fd391bd67289c2be599c7e4d8c80c a08d30b5cc301459c6080858feee0b3ffe4b6697 2e33546fa7891764ba7ae3402a1a46afd831d3e84496d7fb4b70e5cb057e5767
GET /recaptcha.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/css
content-length: 31
last-modified: Tue, 05 Nov 2019 03:35:23 GMT
etag: "5dc0edfb-1f"
expires: Thu, 02 Feb 2023 05:13:36 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 257
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFRZFGHSS5SOoD%2BIKRPsv10voo7Y2QeopW%2BK9uCKI3q8QQTgHI7RVjRHDMkiMche3hc7rjv98ARS2m%2FdWoYEmM0DY1Vx5d1PeVW1MeLDwXmu374W7ZPNhA9H%2Bpw5xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8a9bb0b65-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 IP216.58.211.3:0
Hash2f5ef18ec8d6b2f31a42ac41712f430f 9b0bb917d932d00147f228dbff2a252922e11f0c dc31626f7bf9cedcbc69500b162ed3924057fa113b230da887a41f8ea4d1b127
POST /s/gts1p5/3mwjESxOeZ8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gift5862.giftsys.top/sweeps/ww/money1/menue.png | 104.21.234.219 | 200 OK | 17 kB |
URL HTTP/2gift5862.giftsys.top/sweeps/ww/money1/menue.png IP104.21.234.219:0
File typePNG image data, 23 x 16, 8-bit/color RGBA, non-interlaced\012- data Hashec518b8df54ac5c5f5731bf7583e119f 721fdb3eeb461328f1700bc441ae89dbe6c7919d c18050d1b501837e8dd06711738cea5fced7c8f4cb9b5b4604e8d7994292da65
GET /sweeps/ww/money1/menue.png HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/png
content-length: 17387
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-43eb"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs1BWgTLcvnFXg27LS9%2BWas780TIfqGpOOieInxiPr8rYIptaXJcQ1JTod%2BZWfEoSWSplQlgjOCl8yIP10GSwOKNm6RXZ%2BTyaChQIi3Xzlav68JV%2B2DthPJEW58e0%2BDgmqdXB7%2F2TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fce23dd-LHR
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 IP216.58.211.3:0
Hash2f5ef18ec8d6b2f31a42ac41712f430f 9b0bb917d932d00147f228dbff2a252922e11f0c dc31626f7bf9cedcbc69500b162ed3924057fa113b230da887a41f8ea4d1b127
POST /s/gts1p5/3mwjESxOeZ8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gift5862.giftsys.top/sweeps/ww/money1/logo.png | 104.21.234.219 | 200 OK | 22 kB |
URL HTTP/2gift5862.giftsys.top/sweeps/ww/money1/logo.png IP104.21.234.219:0
File typePNG image data, 300 x 112, 8-bit/color RGBA, non-interlaced\012- data Hash5174f0e365f25d1db538eb424cda65f1 64893ed4e3d3a40a89a04552137cc400bd3f0086 d28c8d82a8cd25f75e54a83d258fde5c00d2d13e783b0b49ece6adfc4be7104e
GET /sweeps/ww/money1/logo.png HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/png
content-length: 21993
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-55e9"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnBX1XcdJ6lz0Ye33%2Fu764cMbKAA7%2B6oje%2FjlX9zcSkO8%2B7oDZ7ab0WggeQ5Daot8k5QrdupgRMFLRo5bJadfqIOb%2Fh5cIawuew%2FnSSTm21PsHG7bGbvF%2FRQUjLXmSEsgKMJQMWxaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fcf23dd-LHR
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/winner_cat2.jpg | 104.21.234.219 | 200 OK | 1.1 kB |
URL HTTP/2gift5862.giftsys.top/sweeps/ww/money1/winner_cat2.jpg IP104.21.234.219:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data Hash9b6ca7a5fa68a61b3d569dcde96dbf46 de65bfb2dec45ed1cb707e966797fa9987628440 a83b950fc88acb0866c5043de6a2192d4a3a1c1f4c86046c56352cd98998645d
GET /sweeps/ww/money1/winner_cat2.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 1070
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-42e"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D19u1mdPIljMy8iFpC7ZhI1eSGC5lNDVb6F%2FNsyBA4wBku2B%2FlS0S%2FbpmTHHVkbYd3N7UAlufqqiqNSxj724uOI6iuLaEka3gTgNQXv%2BAscnr6fmT6t2%2FaZhZtOPjs4B89EPrRZDjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d83ffb23dd-LHR
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 IP216.58.211.3:0
Hash2f5ef18ec8d6b2f31a42ac41712f430f 9b0bb917d932d00147f228dbff2a252922e11f0c dc31626f7bf9cedcbc69500b162ed3924057fa113b230da887a41f8ea4d1b127
POST /s/gts1p5/3mwjESxOeZ8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| gift5862.giftsys.top/sweeps/ww/money1/acard.jpg | 104.21.234.219 | 200 OK | 33 kB |
URL HTTP/2gift5862.giftsys.top/sweeps/ww/money1/acard.jpg IP104.21.234.219:0
File typePNG image data, 155 x 115, 8-bit/color RGBA, non-interlaced\012- data Hash0dd672e68a60462db6747b049daad709 e41bc5a51d88d08b3d028bb0aefc32b1c2f00249 405e53ef8e55cf4e054b0a5ad95708f11e21089087bca56d5baac34de171ce91
GET /sweeps/ww/money1/acard.jpg HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/jpeg
content-length: 33359
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
etag: "612a1700-824f"
expires: Fri, 03 Mar 2023 17:17:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZNK00JT5roa73fxIPI60QOWNNajH%2Fb5SdFMmgFReYSwjjOoMMCSmwLcgEg1yaunY3%2FSaWoa%2BkVCqs5KCqdn8k9TjR%2FvzrxlH8Z2rXWKsqOGtsWCo6FhM9JKxRuu3Qxqfj1g5uYGmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d81fca23dd-LHR
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashd06fd066caf4dfa1e21a722a5c468158 acb765577662906ae8e11242bed487ce1051db28 4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/3mwjESxOeZ8 IP216.58.211.3:0
Hash2f5ef18ec8d6b2f31a42ac41712f430f 9b0bb917d932d00147f228dbff2a252922e11f0c dc31626f7bf9cedcbc69500b162ed3924057fa113b230da887a41f8ea4d1b127
POST /s/gts1p5/3mwjESxOeZ8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rs.y1h1.com/push.js | 104.21.1.180 | 200 OK | 5.5 kB |
IP104.21.1.180:0
File typeASCII text, with very long lines (10576), with no line terminators Hash87fade828ac7b30893726d3e14ef2829 7cd81f9289d37379fe6d511ec62edce34b24572c b5844529757f0b1163fe4750d5938ef624172120429e3123ffd6a545d4ac3957
GET /push.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Tue, 04 Jan 2022 15:26:23 GMT
vary: Accept-Encoding
etag: W/"61d4671f-2950"
expires: Wed, 01 Feb 2023 18:42:51 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 38102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNIxHSid119Z1%2FzyFY1iLiikImC2jUv74xOjlJmPMxlsmRd0aq4SoewrB1rTFUG5EbGUYz42BSaXaUlf0fRVZef3WlaBu8%2BTxDMG8pJtCcaHL4d5hI48eG1D7JH%2BXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d9bacb0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-37GE99Q100 | 142.250.74.40 | 200 OK | 77 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-37GE99Q100 IP142.250.74.40:0
File typeASCII text, with very long lines (19467) Hash3bfe637c134d834dc0de17ea93d9f73c 2042e55c5b628794b72eb8c6add547898888a5a0 de7ed51eecd560f5f1459c164dfc2ba79e8b9964ca8636f46136d1dfa5580f78
GET /gtag/js?id=G-37GE99Q100 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 17:17:53 GMT
expires: Wed, 01 Feb 2023 17:17:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.164.121.101 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.164.121.101:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 819+kArMT3WYyDKa5KxPLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z5rHeVSVesMiYUIap52F1EZp5nM=
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rs.y1h1.com/confetti.js | 104.21.1.180 | 200 OK | 2.4 kB |
IP104.21.1.180:0
Hash2729bd59605b1fbcd48e19df82ee1919 0ebca2027fdfeb045e85a55f76e8148160d25b57 db0dd1fbb3f191b9c7a32bced658ecd1b2bf23161f45caed4d948081a394f3c3
GET /confetti.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sun, 20 Jun 2021 04:10:52 GMT
vary: Accept-Encoding
etag: W/"60cebfcc-19c5"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbNYl%2Bv%2BWKOurYpKMOlddvj7W%2ByDkeLK4huqbaPLdQb5J7CtAaornLcgYolZXSWLNkD8BnWEJZ6q9zjZAOcwZKK3%2FF33PcYs%2Bk6TNu%2BdN20D45W6ns1hEbKV946WJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8a9bf0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash42d54c8c12a2f90c448a11bf42800e86 bb66d35435411c825bfcd0a091f33b7d1708191e 3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js | 142.250.74.35 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (771) Size164 kB (163774 bytes) Hash57c909ab73fc27ec24f737bbf1cb1de8 89b2c02e9e7a9a764518fca545d3eec2044fd6d9 7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift5862.giftsys.top
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 173299
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t5.giftsys.top/update?eventSub3=view&event3=1 | 104.21.234.219 | 200 OK | 2 B |
URL HTTP/2t5.giftsys.top/update?eventSub3=view&event3=1 IP104.21.234.219:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /update?eventSub3=view&event3=1 HTTP/1.1
Host: t5.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift5862.giftsys.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/plain;charset=UTF-8
content-length: 2
access-control-allow-origin: https://gift5862.giftsys.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8iEpR6T0j1O3NEdJvSbOm%2B5K1nJ0daUwFXfTei5B2gyuB%2Fb9YK521WYqVeLWfuHuNXiItBOKpueE7sHtNc4P6jq7a353RyGYY%2Fe%2Bt%2FMVmI9Lcc70Cclt5bLa3YyOp%2BI7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57db9d6723dd-LHR
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| translate.googleapis.com/translate_static/css/translateelement.css | 216.58.207.234 | 200 OK | 3.6 kB |
URL HTTP/2translate.googleapis.com/translate_static/css/translateelement.css IP216.58.207.234:0
File typeASCII text, with very long lines (22967) Hashf7bf2121608909b56672e6398ac2335c 864ef3bac46b08ab6609fad23f00d5f09815647d b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 16:41:02 GMT
expires: Wed, 01 Feb 2023 17:41:02 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
age: 2212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7dd9b34f1106ade0bfa0d49d2347e703 b3d7da341237f74d1ec3a3233e1a924f9efc7f8d 50b3da270c5f71d747cd4f3a1ea537913ea59878299713399fa459a8a3b1d1d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50B3DA270C5F71D747CD4F3A1EA537913EA59878299713399FA459A8A3B1D1D2"
Last-Modified: Mon, 30 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21588
Expires: Wed, 01 Feb 2023 23:17:42 GMT
Date: Wed, 01 Feb 2023 17:17:54 GMT
Connection: keep-alive
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main | 216.58.207.234 | 200 OK | 75 kB |
URL HTTP/2translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main IP216.58.207.234:0
File typeASCII text, with very long lines (1622) Hash93705f618295a8c01d2c14ddbfd422fe 24696ec767a7ef8a41d2be36af9b679c2abab454 02a016cf6a3c4be2233c42e7dcc657a029bc9170da3397c8b93139d30f703ae6
GET /_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 23:59:35 GMT
expires: Tue, 30 Jan 2024 23:59:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 25 Jan 2023 04:12:33 GMT
content-type: text/javascript; charset=UTF-8
age: 148699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashde49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:17:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 216.58.211.10 | 200 OK | 1.4 kB |
URL HTTP/2translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP216.58.211.10:0
Hash3ad547ec47ef63d87eff80e53d6dd861 20cd334266b4bc9b47966d5487f0a2b2d41db765 c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 17:17:54 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Wed, 01 Feb 2023 17:17:54 GMT
set-cookie: NID=511=EOLb-lnvh5CH28zmMK-O-EcZfXUmRXLLrvg-NOMjs0JVKYjMXUi3S2lPfdhCgYfh9r1qPSGim9njF7xNdcJkJGBq5mkJSTHyCMsVTWfBXUU6vJ3AZJSimvak0Ao66v0CTGpY6NQdoqbCFiT3p6_hHzfGMHZ_bM3zRjqOo0HXvew; expires=Thu, 03-Aug-2023 17:17:54 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+006; expires=Fri, 31-Jan-2025 17:17:54 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/favicon.ico | 104.21.234.219 | 200 OK | 26 kB |
URL HTTP/2 gift5862.giftsys.top/favicon.ico IP 104.21.234.219:0
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash 09c16862d6fd162fc70f7fa1e7ab0042 634294e6a9c12ef52d4dc32b75d67ffc21585a43 e708cc4e543d2c105efdd080fa543e6d26560b9a6d92eb3bfcabd399face9911
GET /favicon.ico HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_37GE99Q100=GS1.1.1675271896.1.0.1675271896.0.0.0; _ga=GA1.1.974638342.1675271896
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: image/x-icon
last-modified: Mon, 10 Jan 2022 06:10:46 GMT
etag: W/"61dbcde6-1083e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkFRis08qq%2FRQ1zDDmtEkFhG%2FshVpnSXEBqB0xxo3spXB4REE%2BfhQw6zQN7uvF4CJlfGPowpXreWoEYWCX5NOg1OMDqSF3yfZWktYI57VI3vp2vyI0LYKixVfVmlNnQtkR4sSR%2B61g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57db6d2e23dd-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 520631
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=2oe1u0&_p=1610468085&cid=974638342.1675271896&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675271896&sct=1&seg=0&dl=https%3A%2F%2Fgift5862.giftsys.top%2Fsweeps%2Fww%2Fmoney1%2Findex_en-gb.php%3Fvid%3D1675271704-qXUSxU%26utm_medium%3D21977%26utm_source%3DAdvertizer%26utm_campaign%3DAdv_RevenueShare_IN_Copy_Auto%26utm_content%3DWW_2025_Finance%2BSurvey%2B(Android)_RL_RandomPub%26isp%3DReliance%2BJio%2BInfocomm%2BLimited%26city%3DChanganacheri%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16e4752a276c232904%26ck%3D2%26td%3Dt5.giftsys.top&dt=(1)%20New%20Message&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=2oe1u0&_p=1610468085&cid=974638342.1675271896&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675271896&sct=1&seg=0&dl=https%3A%2F%2Fgift5862.giftsys.top%2Fsweeps%2Fww%2Fmoney1%2Findex_en-gb.php%3Fvid%3D1675271704-qXUSxU%26utm_medium%3D21977%26utm_source%3DAdvertizer%26utm_campaign%3DAdv_RevenueShare_IN_Copy_Auto%26utm_content%3DWW_2025_Finance%2BSurvey%2B(Android)_RL_RandomPub%26isp%3DReliance%2BJio%2BInfocomm%2BLimited%26city%3DChanganacheri%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16e4752a276c232904%26ck%3D2%26td%3Dt5.giftsys.top&dt=(1)%20New%20Message&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-37GE99Q100&gtm=2oe1u0&_p=1610468085&cid=974638342.1675271896&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675271896&sct=1&seg=0&dl=https%3A%2F%2Fgift5862.giftsys.top%2Fsweeps%2Fww%2Fmoney1%2Findex_en-gb.php%3Fvid%3D1675271704-qXUSxU%26utm_medium%3D21977%26utm_source%3DAdvertizer%26utm_campaign%3DAdv_RevenueShare_IN_Copy_Auto%26utm_content%3DWW_2025_Finance%2BSurvey%2B(Android)_RL_RandomPub%26isp%3DReliance%2BJio%2BInfocomm%2BLimited%26city%3DChanganacheri%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16e4752a276c232904%26ck%3D2%26td%3Dt5.giftsys.top&dt=(1)%20New%20Message&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Wed, 01 Feb 2023 17:17:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9450
Expires: Wed, 01 Feb 2023 19:55:24 GMT
Date: Wed, 01 Feb 2023 17:17:54 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 53276
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534 eb27fae0bb17dbe0929a620002195233ef50c1d0 b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 12:57:00 GMT
age: 15654
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836 f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 70499
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386 8e30002699e9fbf2047f9ac11a36d2175fc9c591 927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:27:41 GMT
age: 35414
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60 f5e411cda74cb7fb4a662f4787e9543b9749c8b5 0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 10:37:09 GMT
age: 24046
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469 027dbc7a104c922904f067ed15d696c363c11774 89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _xCzARAxn6PB9wrQAL98hWvnUxQOocZFqMoS2l_CoIzOJC18bXQuSQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:53:32 GMT
age: 69863
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/trans.css | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /trans.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/css
last-modified: Sat, 24 Apr 2021 01:57:27 GMT
etag: W/"60837b07-1a1"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIoNWOvkmNQMcMn2vYgRNebe5GqufGFeSyqZLBuUw2aOWce6nNN4D0HbHgWSIdNIONtXyvzPOT97hpBVXyaAx3ZPvoftNVECvQv9xTxCs25g%2FB4dgMtBLhMCVgPNNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d9bad00b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/copy.js | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /copy.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 10:43:18 GMT
vary: Accept-Encoding
etag: W/"6308a3c6-ea8"
expires: Thu, 02 Feb 2023 05:13:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH1DSNQ25u%2BInXiXXHXoy0JAvqzrRkpHoKq6Dc9ghavugbmIe1slW3TvTidTJHVTGwy%2BjgrVnlFaTx8f4oM6ACk75ju0ciw38g0R2Bfx29sPrVe74BP0t%2BcQKI9sBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8b9c20b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/checkbot.js | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /checkbot.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sat, 05 Mar 2022 01:55:11 GMT
vary: Accept-Encoding
etag: W/"6222c2ff-1fef"
expires: Thu, 02 Feb 2023 05:13:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq%2F4gBgj6Y%2BLSeJuKUI6HgR0UOsCCxLzC5vAy5xVJOKSq%2ByIdJ6j8LOKHffCcAjay8NaMaoC5lWdfZt6kFIfBSgKWYv6eYlg7kRG%2BUWEMn%2BC42D9Ym9JwnPynkISEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8b9c90b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/audio1.js | 104.21.234.219 | 200 OK | 0 B |
URL HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/audio1.js IP 104.21.234.219:0
Analyzer | Verdict | Alert |
fortinet | Phishing | |
GET /sweeps/ww/money1/audio1.js HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sat, 18 Sep 2021 07:56:20 GMT
etag: W/"61459ba4-164"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAjh4FWPJlvWfqP%2FLkFlJuOeQE0ZvWKi7qRI0Tm4QDpQpGBDVgAdGTAsMRqnVKe6tQGAhGMOxV5AZDXhbmkHzX9Fg3rKiAtkfkomK35AsQy7hf%2F59M0Lwio9o1amFYvK8bAZBzQJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8481b23dd-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/script1.js | 104.21.234.219 | 200 OK | 0 B |
URL HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/script1.js IP 104.21.234.219:0
Analyzer | Verdict | Alert |
fortinet | Phishing | |
GET /sweeps/ww/money1/script1.js HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-f3a"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXAUcQ%2BkUKO9a%2Fm0X0N75Qx31ir9Ha8K1gsI4E%2F9gKe1SADN83nV78kHJ1g9iIjQLLRjr6IyuXf9%2F62dLI2iHrfn4%2FeCedFX3SwcmMXvCipqjjNMiWOiNqOC9%2FmsotnR%2F9l6KzHSWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8481723dd-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/load.js | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /load.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 10:37:26 GMT
vary: Accept-Encoding
etag: W/"6311dce6-1b90"
expires: Thu, 02 Feb 2023 05:13:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u3MJPEkO%2BwbKeMhtbB516kKNFQuSDsGd5CrMV98NUSr1wIMFlqmeaFE3HWQusz2Hrtw93IgP%2F6fbJ8fbHn4fTHXKAeGPnDu9A6M%2FFRgBgSooUe2s0LSOymUTa9atg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8d9e20b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/common.js | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /common.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 09:36:30 GMT
vary: Accept-Encoding
etag: W/"6214ae9e-42fe"
expires: Thu, 02 Feb 2023 05:13:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0GLlFoOyDwmVBcimftzznA%2Bw%2BiOhAohlTgp2sJn6oBaQA4pMvdT%2Bj%2B257qx8hCx6asqLmhVOSa3nECUKays3mI4pWjGHCFsMruKMGHlseZSY5cGnZeQZN9Z9N4jUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d98aa10b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/trans.js | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /trans.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sat, 24 Apr 2021 01:58:46 GMT
etag: W/"60837b56-151"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVFpRDPulOlXCc8w97ecv6kMO3CoIH3%2B0zds72EpiHLYhQwYGZEsKTw9YphzGGSApnOSas8I%2BvdJiSOnl8mIz%2FEZMB6U5xULmpX7kA%2Fa1QzdicdnUDkPvxekqqSLDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d9bad40b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top | 104.21.234.219 | 200 OK | 0 B |
URL HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top IP 104.21.234.219:0
NIDS | Severity | Alert | suricata | medium | ET INFO HTTP Request to a *.top domain |
GET /sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGhDrqGMwdXj7tcp38MexIgptRapgweB8w7WxoWY%2BvTCHA4hw0zA7eO%2BOJeXlZft7B4VSdqyRcU%2FEqJnjFRrR8%2FxLcpDLZVxMri7QZVG2SGpTou%2FdGUKT0jBOJ%2B5sinP0e7BVM8EBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d6cd6123dd-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gift5862.giftsys.top/sweeps/ww/money1/_style10.css | 104.21.234.219 | 200 OK | 0 B |
URL HTTP/2 gift5862.giftsys.top/sweeps/ww/money1/_style10.css IP 104.21.234.219:0
GET /sweeps/ww/money1/_style10.css HTTP/1.1
Host: gift5862.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gift5862.giftsys.top/sweeps/ww/money1/index_en-gb.php?vid=1675271704-qXUSxU&utm_medium=21977&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_IN_Copy_Auto&utm_content=WW_2025_Finance+Survey+(Android)_RL_RandomPub&isp=Reliance+Jio+Infocomm+Limited&city=Changanacheri&br=0&sp=1&iw=False&checked=0&trans=1&ipp=0&lpkey=16e4752a276c232904&ck=2&td=t5.giftsys.top
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/css
last-modified: Sat, 28 Aug 2021 10:59:12 GMT
vary: Accept-Encoding
etag: W/"612a1700-211c"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqr3%2FtT2K1FoQzVlBCrECL0J0Uosr010YLUdULe18t6V1Al1%2FIodMMW8g98pJsp9KFAJIm5icJq%2FDVt5J%2FSQEAc6J6rOsnRIi4L9wx6uDCod26mXALyXa6XwhL%2F3MEhipXNKhxjNrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d80fba23dd-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/dr-dtime.js | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /dr-dtime.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sun, 05 Dec 2021 08:01:55 GMT
vary: Accept-Encoding
etag: W/"61ac71f3-3647"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C5sXRsvxZoygkIy2O5up40gziwN75y1DHXl6M3UcsSZ%2BI8Polh2dFF%2Fz7SsCFnEPr69do9KdOT21mnRWcOFL9DoK%2B%2BlpI52uwpP4KQCxt9gmq%2FCBN8AcLfYs5kFog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8a9bc0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/jquery-3.5.1.min.js | 104.21.1.180 | 200 OK | 0 B |
URL HTTP/2 rs.y1h1.com/jquery-3.5.1.min.js IP 104.21.1.180:0
GET /jquery-3.5.1.min.js HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: application/javascript
last-modified: Sun, 20 Jun 2021 08:52:33 GMT
vary: Accept-Encoding
etag: W/"60cf01d1-15d84"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9hX9bqGyTSTaNqJUIZksSW6P795d2dXIh%2BoUn1kTOQVITnEOZwbSFWLqsPw9LkvxYmixT6tJDUZdpKfllzWnm%2BpXAhm9ApQjyl0hqK1xMSMxMS03tuJZxoLRh%2Fz%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57d8f9fd0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 216.58.211.14 | 200 OK | 0 B |
URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Feb 2023 17:17:53 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+713; expires=Fri, 31-Jan-2025 17:17:53 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t5.giftsys.top/recaptcha/verify?token=03AFY_a8VdYpGphOLygECnnEVBLEBgm2-7g06Z0vxuYCX4xbwChuW1AS0JG2JCavbKgBgGVKY4xDZUHAVuliOuMMDgMWCMxv8bOEqtANhwBhMmEKOkHI3GmhfBhW_DhcrZcNxigXysQ4_ieyp7es56q0vZG_LFZUgOH3AXYaJOrysG3q-c_jbJeVRbPlFwCxOguSAUCG_2QBsTnZnVHmdg8PCoKv5po3o9zu_tx37c0QvviV7667iI_E44gWtEZETzGgmhUHjjoNU4AsapwsNc3sN6uyjd55g2LayECx0KoiX8sjNFX-TCQopbSdscQWgv9x7LXtQivv7Ynz63mpa0pw0X7d0_5h2Vq-t9wpdHSPillKAowigsUynerprgxoggcrh6DUY-zwviQIoibYwKX8qpIZkRyOk-X8gIa4sTpKuJdIBknkeA7fiiGktHjNJjIcq1ZlHKOiRpF1i1qPWhHXXmgHgE8khMbNq4mGs8x7CiTFq1DcUtTee5MgLivwNgQ71Z7wGnpI07BdmEMhBFtnbFx5wiM9GM5Q&vid=1675271704-qXUSxU&eventSubField=eventSub9&eventField=event9&botScore=0.5 | 104.21.234.219 | 200 OK | 0 B |
URL HTTP/2t5.giftsys.top/recaptcha/verify?token=03AFY_a8VdYpGphOLygECnnEVBLEBgm2-7g06Z0vxuYCX4xbwChuW1AS0JG2JCavbKgBgGVKY4xDZUHAVuliOuMMDgMWCMxv8bOEqtANhwBhMmEKOkHI3GmhfBhW_DhcrZcNxigXysQ4_ieyp7es56q0vZG_LFZUgOH3AXYaJOrysG3q-c_jbJeVRbPlFwCxOguSAUCG_2QBsTnZnVHmdg8PCoKv5po3o9zu_tx37c0QvviV7667iI_E44gWtEZETzGgmhUHjjoNU4AsapwsNc3sN6uyjd55g2LayECx0KoiX8sjNFX-TCQopbSdscQWgv9x7LXtQivv7Ynz63mpa0pw0X7d0_5h2Vq-t9wpdHSPillKAowigsUynerprgxoggcrh6DUY-zwviQIoibYwKX8qpIZkRyOk-X8gIa4sTpKuJdIBknkeA7fiiGktHjNJjIcq1ZlHKOiRpF1i1qPWhHXXmgHgE8khMbNq4mGs8x7CiTFq1DcUtTee5MgLivwNgQ71Z7wGnpI07BdmEMhBFtnbFx5wiM9GM5Q&vid=1675271704-qXUSxU&eventSubField=eventSub9&eventField=event9&botScore=0.5 IP104.21.234.219:0
GET /recaptcha/verify?token=03AFY_a8VdYpGphOLygECnnEVBLEBgm2-7g06Z0vxuYCX4xbwChuW1AS0JG2JCavbKgBgGVKY4xDZUHAVuliOuMMDgMWCMxv8bOEqtANhwBhMmEKOkHI3GmhfBhW_DhcrZcNxigXysQ4_ieyp7es56q0vZG_LFZUgOH3AXYaJOrysG3q-c_jbJeVRbPlFwCxOguSAUCG_2QBsTnZnVHmdg8PCoKv5po3o9zu_tx37c0QvviV7667iI_E44gWtEZETzGgmhUHjjoNU4AsapwsNc3sN6uyjd55g2LayECx0KoiX8sjNFX-TCQopbSdscQWgv9x7LXtQivv7Ynz63mpa0pw0X7d0_5h2Vq-t9wpdHSPillKAowigsUynerprgxoggcrh6DUY-zwviQIoibYwKX8qpIZkRyOk-X8gIa4sTpKuJdIBknkeA7fiiGktHjNJjIcq1ZlHKOiRpF1i1qPWhHXXmgHgE8khMbNq4mGs8x7CiTFq1DcUtTee5MgLivwNgQ71Z7wGnpI07BdmEMhBFtnbFx5wiM9GM5Q&vid=1675271704-qXUSxU&eventSubField=eventSub9&eventField=event9&botScore=0.5 HTTP/1.1
Host: t5.giftsys.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gift5862.giftsys.top
Connection: keep-alive
Cookie: _ga_37GE99Q100=GS1.1.1675271896.1.0.1675271896.0.0.0; _ga=GA1.1.974638342.1675271896
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:54 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://gift5862.giftsys.top
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWrETXC55waP5XI4XD8X2JUj5peqNMfvTof8A9x4aJX9s1Ox%2FKWqJi0R9IOX9ck7kEoo4RK0xxbktYrtte4kKqu9z7PB3d7441fj%2FnY9nGlOtzawEPnIBXdCX%2B7h4O%2FPkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c57e05e2e23dd-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| rs.y1h1.com/confetti.css | 104.21.1.180 | 200 OK | 0 B |
IP 104.21.1.180:0
GET /confetti.css HTTP/1.1
Host: rs.y1h1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:17:53 GMT
content-type: text/css
last-modified: Sat, 19 Jun 2021 08:17:57 GMT
etag: W/"60cda835-a0"
expires: Thu, 02 Feb 2023 05:17:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BWnEroax7rPMJ%2FsdX384UVRYb5dVVOENnfsIPfOZeiSB8DEcUyeAppcd1WAvslW5tfDBaWkvJN%2BckwBZ2r2o8OCcWoNR7q%2F3svKfgZobp3m%2Fr6mZhDcS1VSRpGE8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c57d8a9bd0b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|