googlegiftcard.com-0ffer.com Open in urlscan Pro
2606:4700:30::6812:3e9f  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response googlegiftcard.com-0ffer.com/	25 KB 7 KB	230ms 157ms	Document text/html	2606:4700:30::6812:3e9f Cloudflare
General Check archive.org Show headers Download Go to Full URL https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:3e9f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ec36583ce96d403e6d568e1e4db98e14c6e5175d67c647b7a7367810369a84d2 Request headers :method GET :authority googlegiftcard.com-0ffer.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 date Tue, 05 Nov 2019 17:45:45 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d71b289077ad1a1e6f2a550c8b0bdb7d71572975944; expires=Wed, 04-Nov-20 17:45:44 GMT; path=/; domain=.com-0ffer.com; HttpOnly; Secure last-modified Tue, 05 Nov 2019 17:43:40 GMT access-control-allow-origin * expires Tue, 05 Nov 2019 17:55:45 GMT cache-control max-age=600 x-proxy-cache MISS x-github-request-id CD1A:49CF:4EA2C1:64A79D:5DC1B548 via 1.1 varnish age 0 x-served-by cache-hhn4042-HHN x-cache MISS x-cache-hits 0 x-timer S1572975945.995151,VS0,VE94 vary Accept-Encoding x-fastly-request-id d4f5efce7e113b5265fb214c6c5f2027dab59e96 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5310a4a7ff268c74-VIE content-encoding br
GET H2	200	utils.96115e0e398cba385e4c.js Show response g.fastcdn.co/js/	32 KB 11 KB	50ms 7ms	Script application/javascript	35.244.137.202 Google LLC
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/utils.96115e0e398cba385e4c.js Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash a80f35623695004113b7439593e0e84613cc0385f2d7d651b8748861a189779e Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Wed, 30 Oct 2019 14:36:00 GMT content-encoding gzip age 529785 x-guploader-uploadid AEnB2Uo_NrmvfCsQGNmRDPZCQ30bC830x7uohrcIUtKwfO5dLXkoiBsxPC0gcf3ogqpw-PiRl7-L7FpV1z9JeU-RQWge6k2QQg x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 10667 last-modified Mon, 28 Oct 2019 12:28:48 GMT server UploadServer etag "d10e1cbca6bdb681b87d76194b2f6d70" vary Accept-Encoding x-goog-hash crc32c=6cW8Aw==, md5=0Q4cvKa9toG4fXYZSy9tcA== x-goog-generation 1572265728583011 cache-control public, max-age=31536000 x-goog-stored-content-length 10667 accept-ranges bytes content-type application/javascript; charset=utf-8 expires Thu, 29 Oct 2020 14:36:00 GMT
GET H2	200	Cradle.7d48307fa97b2c79dd9e.js Show response g.fastcdn.co/js/	16 KB 5 KB	49ms 7ms	Script application/javascript	35.244.137.202 Google LLC
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/Cradle.7d48307fa97b2c79dd9e.js Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash a61931a55615c95d6cbffdeb1efa0f25f2a64ab8db2f13536d651df782bbeeb2 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Thu, 31 Oct 2019 11:38:31 GMT content-encoding gzip age 454034 x-guploader-uploadid AEnB2UqTuPqNH0TubxT2JkhfPh91IfUF2Giga0XQoUsd0KliAcJyfyzTTkHr5U6u9aMBEaOkE2Zy9JEBufmVdXVYlfU8BU002w x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 4679 last-modified Thu, 31 Oct 2019 11:19:55 GMT server UploadServer etag "d7553bcc80472b939678b94dc72df723" vary Accept-Encoding x-goog-hash crc32c=Xjjw+Q==, md5=11U7zIBHK5OWeLlNxy33Iw== x-goog-generation 1572520795149858 cache-control public, max-age=31536000 x-goog-stored-content-length 4679 accept-ranges bytes content-type application/javascript; charset=utf-8 expires Fri, 30 Oct 2020 11:38:31 GMT
GET H2	200	LazyImage.11f65ec56b7eb117e504.js Show response g.fastcdn.co/js/	3 KB 2 KB	52ms 10ms	Script application/javascript	35.244.137.202 Google LLC
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/LazyImage.11f65ec56b7eb117e504.js Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 77187de7f83031f12fd13c8fc56b656549eeffa84477ca44bff95153c224b646 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Fri, 01 Nov 2019 02:34:26 GMT content-encoding gzip age 400279 x-guploader-uploadid AEnB2UpHbDofOBHldSO1QmlcMjBNJb0BDtCK9UKWz_9LkdzSsmo4HfgRee7fuMbDacQyWlN8SIAYxlCubnmpMpvNG-YdleWKMA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 1304 last-modified Thu, 31 Oct 2019 11:19:55 GMT server UploadServer etag "987bb9339f550adf4b2e6e13e8971acd" vary Accept-Encoding x-goog-hash crc32c=X14lSg==, md5=mHu5M59VCt9LLm4T6JcazQ== x-goog-generation 1572520795143063 cache-control public, max-age=31536000 x-goog-stored-content-length 1304 accept-ranges bytes content-type application/javascript; charset=utf-8 expires Sat, 31 Oct 2020 02:34:26 GMT
GET H2	200	Form.da3683ca79f877805be8.js Show response g.fastcdn.co/js/	22 KB 6 KB	52ms 10ms	Script application/javascript	35.244.137.202 Google LLC
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/Form.da3683ca79f877805be8.js Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.244.137.202 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 48a076a781298373a4e32927cd8d12a6d7fcc6724a25d9c35dbefc92c371cda9 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Mon, 28 Oct 2019 17:44:17 GMT content-encoding gzip age 691288 x-guploader-uploadid AEnB2UqdYPl9XbI07Vd5mZuT31ufp3Kqd0DsJnp6eLw7yBfb7yhPBl64I4Y3qDVTmHMJ91Uw9y9KGx5HjfOW3BIWt8flfuA7wg x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 5943 last-modified Mon, 28 Oct 2019 12:28:48 GMT server UploadServer etag "32bc3b3f03c8fe37686fc227c46fc8d5" vary Accept-Encoding x-goog-hash crc32c=Z/DLhg==, md5=Mrw7PwPI/jdob8InxG/I1Q== x-goog-generation 1572265728436338 cache-control public, max-age=31536000 x-goog-stored-content-length 5943 accept-ranges bytes content-type application/javascript; charset=utf-8 expires Tue, 27 Oct 2020 17:44:17 GMT
GET H2	200	wNGbckjd6BA8zlZP Show response www.lockyluke.com/	12 KB 4 KB	124ms 55ms	Script text/html	91.134.235.167 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lockyluke.com/wNGbckjd6BA8zlZP Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.134.235.167 , France, ASN16276 (OVH, FR), Reverse DNS Software LiteSpeed / Resource Hash 7271f986c3c2c5ef0e789783909647579eb03a96706cd3432522ab302cdec7bf Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers pragma no-cache date Tue, 05 Nov 2019 17:45:45 GMT content-encoding gzip server LiteSpeed status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-length 3896 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	css fonts.googleapis.com/	24 KB 1 KB	17ms 16ms	Stylesheet text/css	2a00:1450:4001:825::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 05 Nov 2019 17:45:45 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Tue, 05 Nov 2019 17:45:45 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Tue, 05 Nov 2019 17:45:45 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 696 B	25ms 25ms	Stylesheet text/css	2a00:1450:4001:825::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 2099aaaf844a5ea0977d06d3e3bf69f3706bd6d97b43a5f28c458b4847cf58b9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 05 Nov 2019 17:45:45 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Tue, 05 Nov 2019 17:45:45 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Tue, 05 Nov 2019 17:45:45 GMT
GET H2	200	47255040-0-amazon.png v.fastcdn.co/u/098319af/	21 KB 22 KB	416ms 382ms	Image image/png	192.229.133.208 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/098319af/47255040-0-amazon.png Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software UploadServer / Resource Hash edc6f93cb0f575139417cb1887738d5d8846051384e03d5981f4828fdfa1903b Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Tue, 05 Nov 2019 17:45:45 GMT x-guploader-uploadid AEnB2Ur3rJj0RYUprrdTNdgAG4KJ4kJZpmGb3izZtfrJYE_hLTHd4qum9HwEJcAlrzVgu5Sok4iiZjtSA7tlGxXNrw1b04FGQw x-goog-storage-class STANDARD status 200 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Sat, 26 Dec 2020 04:02:55 GMT x-goog-meta-content-length 0 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 21873 last-modified Tue, 05 Nov 2019 12:02:55 GMT server UploadServer etag "08ff3d7a22ad76ffa8cd74583b0fd0c8" x-goog-hash crc32c=3LSdJA==, md5=CP89eiKtdv+ozXRYOw/QyA== x-goog-generation 1572955375280544 cache-control max-age=315360000, public x-goog-stored-content-length 21873 accept-ranges bytes content-type image/png expires Wed, 04 Nov 2020 17:45:45 GMT
GET H2	200	lib.js Show response heatmap.services/static/	10 KB 4 KB	148ms 122ms	Script application/javascript	130.211.30.60 Google LLC
General Check archive.org Show headers Download Go to Full URL https://heatmap.services/static/lib.js Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.30.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 60.30.211.130.bc.googleusercontent.com Software / Resource Hash a8c3e77b3670e862e745a50d611cb3ead2c0731f9e165b90ab82194edbca7828 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-dns-prefetch-control off status 200 alt-svc clear x-xss-protection 1; mode=block last-modified Mon, 04 Nov 2019 15:24:54 GMT x-frame-options SAMEORIGIN date Tue, 05 Nov 2019 17:45:45 GMT x-download-options noopen vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, must-revalidate, public access-control-allow-credentials true accept-ranges bytes expires Tue, 05 Nov 2019 17:50:45 GMT
GET H/1.1	200 OK	free-google-play-codes.jpg freegoogleplaycodes.realrocco.com/images/	166 KB 166 KB	94ms 26ms	Image image/jpeg	77.81.121.41 NFORCE
General Check archive.org Show headers Download Go to Show image Full URL https://freegoogleplaycodes.realrocco.com/images/free-google-play-codes.jpg Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 77.81.121.41 Amsterdam, Netherlands, ASN43350 (NFORCE, NL), Reverse DNS Software / Resource Hash 2dd956490e7b5feebf7faedf156c1d777c1c8637b8f484e3a2f74905613a71f6 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers Date Tue, 05 Nov 2019 17:29:22 GMT Last-Modified Tue, 04 Jun 2019 15:19:08 GMT Age 982 X-Cache HIT X-Varnish 363085772 366194758 Connection keep-alive Accept-Ranges bytes Content-Type image/jpeg Content-Length 169693 X-Cache-Hits 19
GET H2	200	1572972068-47254980-ghost-free-google-play-cod.jpg v.fastcdn.co/t/098319af/f37c64d9/	14 KB 14 KB	350ms 350ms	Image image/jpeg	192.229.133.208 MCI Communication...
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/t/098319af/f37c64d9/1572972068-47254980-ghost-free-google-play-cod.jpg Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.133.208 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software UploadServer / Resource Hash 3ec81f8a2119cc09fd22440ca75c8e364931e760bf640224fa8496e16216cd1a Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Tue, 05 Nov 2019 17:45:45 GMT x-guploader-uploadid AEnB2UqyDBHYbsnkThNzS4ZseQ_WjqpceojuwQyDOo8Q-87KiRoITQmvT6aduWHU5FmAkXjmMSBmv6BTCT0UNxKrY_jPYCacFg x-goog-storage-class STANDARD status 200 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Sat, 26 Dec 2020 08:41:08 GMT x-goog-meta-content-length 14438 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14438 last-modified Tue, 05 Nov 2019 16:41:08 GMT server UploadServer etag "5524e1a0e5640e60e14af06d5ec52c39" x-goog-hash crc32c=ElgREg==, md5=VSThoOVkDmDhSvBtXsUsOQ== x-goog-generation 1572972068821909 cache-control max-age=315360000, public x-goog-stored-content-length 14438 accept-ranges bytes content-type image/jpeg expires Wed, 04 Nov 2020 17:45:45 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://googlegiftcard.com-0ffer.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Thu, 31 Oct 2019 10:18:03 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:49 GMT server sffe age 458862 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9132 x-xss-protection 0 expires Fri, 30 Oct 2020 10:18:03 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2 fonts.gstatic.com/s/titilliumweb/v8/	11 KB 12 KB	5ms 5ms	Font font/woff2	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900 Origin https://googlegiftcard.com-0ffer.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Thu, 31 Oct 2019 10:13:18 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:24:58 GMT server sffe age 459147 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 11744 x-xss-protection 0 expires Fri, 30 Oct 2020 10:13:18 GMT
GET H2	200	NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2 fonts.gstatic.com/s/titilliumweb/v8/	12 KB 12 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v8/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Titillium+Web:400,200,200italic,300,300italic,400italic,600,600italic,700,700italic,900 Origin https://googlegiftcard.com-0ffer.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Thu, 31 Oct 2019 18:14:27 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:24:34 GMT server sffe age 430278 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 12344 x-xss-protection 0 expires Fri, 30 Oct 2020 18:14:27 GMT
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://googlegiftcard.com-0ffer.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Wed, 30 Oct 2019 07:35:38 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:31:11 GMT server sffe age 555007 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9080 x-xss-protection 0 expires Thu, 29 Oct 2020 07:35:38 GMT
GET H2	200	mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2 fonts.gstatic.com/s/opensans/v17/	10 KB 10 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:818::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2 Requested by Host: googlegiftcard.com-0ffer.com URL: https://googlegiftcard.com-0ffer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode cors Referer https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 Origin https://googlegiftcard.com-0ffer.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers date Wed, 30 Oct 2019 14:25:48 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:31:02 GMT server sffe age 530397 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9728 x-xss-protection 0 expires Thu, 29 Oct 2020 14:25:48 GMT
POST H2	200	creditcheck.php Show response www.lockyluke.com/	32 B 153 B	52ms 22ms	XHR text/html	91.134.235.167 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lockyluke.com/creditcheck.php Requested by Host: www.lockyluke.com URL: https://www.lockyluke.com/wNGbckjd6BA8zlZP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.134.235.167 , France, ASN16276 (OVH, FR), Reverse DNS Software LiteSpeed / Resource Hash f5a9970ba2bddd28a1aa3ebbe7a4bd53063d2abf5cb56f6f92b2e8306a8a03e2 Request headers Sec-Fetch-Mode cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 05 Nov 2019 17:45:45 GMT content-encoding gzip server LiteSpeed status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * content-length 46
GET H2	200	css fonts.googleapis.com/	14 KB 888 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:825::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic Requested by Host: www.lockyluke.com URL: https://www.lockyluke.com/wNGbckjd6BA8zlZP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 203067df35e7be6e2e2022c294d38052e9a74a73a52dcb1bd2a1dcffd7ce19d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 05 Nov 2019 17:45:45 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Tue, 05 Nov 2019 17:45:45 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 expires Tue, 05 Nov 2019 17:45:45 GMT
POST H2	200	imprcount.php Show response www.lockyluke.com/	1 B 59 B	57ms 29ms	XHR text/html	91.134.235.167 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lockyluke.com/imprcount.php Requested by Host: www.lockyluke.com URL: https://www.lockyluke.com/wNGbckjd6BA8zlZP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.134.235.167 , France, ASN16276 (OVH, FR), Reverse DNS Software LiteSpeed / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Request headers Sec-Fetch-Mode cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 05 Nov 2019 17:45:45 GMT content-encoding gzip server LiteSpeed status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * content-length 21
POST H2	201	raw-data Show response heatmap.services/api/	33 B 398 B	200ms 187ms	Fetch application/json	130.211.30.60 Google LLC
General Check archive.org Show headers Download Go to Full URL https://heatmap.services/api/raw-data Requested by Host: heatmap.services URL: https://heatmap.services/static/lib.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 130.211.30.60 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 60.30.211.130.bc.googleusercontent.com Software / Resource Hash aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode cors Referer https://googlegiftcard.com-0ffer.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff x-dns-prefetch-control off status 201 date Tue, 05 Nov 2019 17:45:53 GMT alt-svc clear content-length 33 x-xss-protection 1; mode=block etag W/"21-OGHiFV/OrNujBxibS2uM6bqKAHs" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin https://googlegiftcard.com-0ffer.com vary Origin, Accept-Encoding access-control-allow-credentials true

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| loadLocker function| checkCreditC function| imprCountC function| __adl__onload_c_wNGbckjd6BA8zlZP object| __variantsData number| __page_id number| __default_experience_id number| __version string| __variant string| __variant_custom_name boolean| __preview number| __page_type string| __variant_hash string| __page_domain number| __predator_throttle object| __predator_blacklist boolean| __page_generator object| _Translate object| webpackJsonp object| core object| __core-js_shared__ object| __eventBus object| __config number| __workspaceWidth object| $clocker object| offerList object| oid_array number| listID string| adlAPIurl number| check object| _htmp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.com-0ffer.com/	1970-01-19 13:41:51	Name: __cfduid Value: d71b289077ad1a1e6f2a550c8b0bdb7d71572975944

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://heatmap.services/static/lib.js(Line 1) Message: HEATMAP EVENTS COLLECTING BLOCKED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
freegoogleplaycodes.realrocco.com
g.fastcdn.co
googlegiftcard.com-0ffer.com
heatmap.services
v.fastcdn.co
www.lockyluke.com
130.211.30.60
192.229.133.208
2606:4700:30::6812:3e9f
2a00:1450:4001:818::2003
2a00:1450:4001:825::200a
35.244.137.202
77.81.121.41
91.134.235.167
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
203067df35e7be6e2e2022c294d38052e9a74a73a52dcb1bd2a1dcffd7ce19d4
2099aaaf844a5ea0977d06d3e3bf69f3706bd6d97b43a5f28c458b4847cf58b9
2dd956490e7b5feebf7faedf156c1d777c1c8637b8f484e3a2f74905613a71f6
3ec81f8a2119cc09fd22440ca75c8e364931e760bf640224fa8496e16216cd1a
48a076a781298373a4e32927cd8d12a6d7fcc6724a25d9c35dbefc92c371cda9
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7271f986c3c2c5ef0e789783909647579eb03a96706cd3432522ab302cdec7bf
77187de7f83031f12fd13c8fc56b656549eeffa84477ca44bff95153c224b646
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a61931a55615c95d6cbffdeb1efa0f25f2a64ab8db2f13536d651df782bbeeb2
a80f35623695004113b7439593e0e84613cc0385f2d7d651b8748861a189779e
a8c3e77b3670e862e745a50d611cb3ead2c0731f9e165b90ab82194edbca7828
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
ec36583ce96d403e6d568e1e4db98e14c6e5175d67c647b7a7367810369a84d2
edc6f93cb0f575139417cb1887738d5d8846051384e03d5981f4828fdfa1903b
f5a9970ba2bddd28a1aa3ebbe7a4bd53063d2abf5cb56f6f92b2e8306a8a03e2
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305