| cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js
IP: 104.17.25.14:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (20800)
Hash: 7e58cd01528ac4394af369c152c17bc2 9496922c892ea80e86d868c4509610d61a1f2847 587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
GET /ajax/libs/popper.js/1.14.6/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.barclaysplsweepstakes.com
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 6634
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-51ed"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 311891
expires: Thu, 24 Apr 2025 08:05:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4GgAG%2FYPQzHq%2FSLG47GpFIyYUGxyrfaNYYmLbmQT14fN27mkqMpXdQZBUWQiU2rYBKp1Vs1L%2BQEyuCWoWA2S0GTEF9NB%2FjpVAWlhxEU0NoXI%2Fk1vq89iZcDuTOKp25%2ButLbFL74"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87e6fc33dee85689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js | 151.101.193.229 | 200 OK | 2.6 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js
IP: 151.101.193.229:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (6498), with no line terminators
Hash: 889f6a354b79c38bdf62a8792a65329d 34b3404aee23c330527201dc2c3b6e78a7655f51 5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6
GET /npm/es6-promise@4/dist/es6-promise.auto.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.2.8
x-jsd-version-type: version
etag: W/"1962-NLNASu4jwzBScgHcLDtueKdlX1E"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 08:05:20 GMT
age: 7584
x-served-by: cache-fra-etou8220134-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2588
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.5.1.min.js | 151.101.130.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP: 151.101.130.137:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.barclaysplsweepstakes.com
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 08:05:20 GMT
age: 666092
x-served-by: cache-lga21981-LGA, cache-hel1410027-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 207253
x-timer: S1714809921.739264,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/styles/layout.css?ver=002 | 13.107.213.53 | 200 OK | 2.4 kB |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/styles/layout.css?ver=002
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
Hash: 50bafe5f0c9c0b436d6fd2caf7669b9f a864b6f295b1208197603874cfe78ae1431111ca 61728d97e77b8a6dcfd97cc976253c076805b115aae2f21f658293bb060f791c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /styles/layout.css?ver=002 HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: text/css
content-length: 2352
cache-control: no-store
last-modified: Wed, 07 Feb 2024 17:52:41 GMT
etag: "97f42872ee59da1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugt
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| upcdn.io/kW15bTP/raw/Barclays/BarclaysPLSweepstakes/Header_AmericanAirlines_1x.jpg | 143.204.55.60 | 200 OK | 86 kB |
URL: GET HTTP/2 upcdn.io/kW15bTP/raw/Barclays/BarclaysPLSweepstakes/Header_AmericanAirlines_1x.jpg
IP: 143.204.55.60:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: Amazon
Certificate Subject: upcdn.io
Certificate Fingerprint: 19:93:1D:7D:0D:E4:4D:F8:E7:09:AF:C6:A0:94:AB:C9:EF:B9:92:1A
Certificate Validity: Sat, 20 Jan 2024 00:00:00 GMT - Mon, 17 Feb 2025 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x720, components 3
Hash: e00b11652036d210d8d3c81da8615319 76f5d41fd86a5f7e6f2f0b5163e015b3bfcab70e d3bec89cf1b5f504e740a31d9d5dee673f16f96fa55039e21c09c97ccebb9624
GET /kW15bTP/raw/Barclays/BarclaysPLSweepstakes/Header_AmericanAirlines_1x.jpg HTTP/1.1
Host: upcdn.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 85850
date: Thu, 25 Apr 2024 22:45:29 GMT
etag: "05eedafe46ce6094d128832eb4f48bb4-1"
content-disposition: inline; filename="Header_AmericanAirlines_1x.jpg"; filename*=UTF-8''Header_AmericanAirlines_1x.jpg
accept-ranges: bytes
server: Bytescale
x-cache-perma: Hit from Bytescale
content-security-policy: default-src 'none'; media-src 'self' blob: data:; connect-src 'self' blob: data:; img-src 'self' blob: data:;
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Cookie,Authorization,authorization-token
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9d0tggmr6lAxeutyG45AcYRcASwVzhQZRjPgatcM6lC-shY5NVOGpg==
age: 724792
cache-control: max-age=31536000
X-Firefox-Spdy: h2
|
|
| upcdn.io/kW15bTP/raw/Barclays/BarclaysPLSweepstakes/Header_Mobile_AmericanAirlines_1x.jpg | 143.204.55.60 | 200 OK | 40 kB |
URL: GET HTTP/2 upcdn.io/kW15bTP/raw/Barclays/BarclaysPLSweepstakes/Header_Mobile_AmericanAirlines_1x.jpg
IP: 143.204.55.60:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: Amazon
Certificate Subject: upcdn.io
Certificate Fingerprint: 19:93:1D:7D:0D:E4:4D:F8:E7:09:AF:C6:A0:94:AB:C9:EF:B9:92:1A
Certificate Validity: Sat, 20 Jan 2024 00:00:00 GMT - Mon, 17 Feb 2025 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 642x560, components 3
Hash: f5022929eec61ab900c7eea33158d6a7 ef5f44a5670ab748a86c1131aa148d64a77fb186 0108bd6d8362f7d16ec513ce3922c73dbe24264acd9b5cb343227a445af5d80a
GET /kW15bTP/raw/Barclays/BarclaysPLSweepstakes/Header_Mobile_AmericanAirlines_1x.jpg HTTP/1.1
Host: upcdn.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 39859
date: Sun, 31 Mar 2024 10:13:03 GMT
etag: "20ed51c61e07799312ac0231a481215c-1"
content-disposition: inline; filename="Header_Mobile_AmericanAirlines_1x.jpg"; filename*=UTF-8''Header_Mobile_AmericanAirlines_1x.jpg
accept-ranges: bytes
server: Bytescale
x-cache-perma: Hit from Bytescale
content-security-policy: default-src 'none'; media-src 'self' blob: data:; connect-src 'self' blob: data:; img-src 'self' blob: data:;
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Cookie,Authorization,authorization-token
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wgM29EhWDJieh6_QYiT5yvb8eDgqdz3XUT9DR8i1j6W4ChUyvWEJhA==
age: 2929938
cache-control: max-age=31536000
X-Firefox-Spdy: h2
|
|
| wurfl.io/wurfl.js | 13.51.164.40 | 200 OK | 1.5 kB |
IP: 13.51.164.40:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: Amazon
Certificate Subject: wurfl.io
Certificate Fingerprint: 84:98:DD:3B:AF:04:6D:BB:FE:28:6C:10:1A:EF:71:B5:3C:48:38:97
Certificate Validity: Wed, 23 Aug 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3512)
Hash: 4e56ee18d87f62dc6297b5d332d1b081 63b4003113f47f2602ac99e828ebf7d615dac68f 2bf5cac174101bde02ebd7664e6dac3f41c3206a3aee299ca2153f4e96d5fd9e
GET /wurfl.js HTTP/1.1
Host: wurfl.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Cache-Control: no-cache
Content-Encoding: br
Content-Type: application/javascript
Cross-Origin-Embedder-Policy: cross-origin
Cross-Origin-Opener-Policy: cross-origin
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 04 May 2024 08:05:20 GMT
Vary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Content-Length: 1488
Connection: keep-alive
|
|
| www.barclaysplsweepstakes.com/images/Button_T_1x.png | 13.107.213.53 | 200 OK | 774 B |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/images/Button_T_1x.png
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Hash: a6e5ec535232489621b9aa121f576bcd 03211e6c4bdfe9650ef3f57f3a0757432d76e9d0 b8a753f159204c0f0d40d74945e915185de55980f1b1d1bfaeb980fc416a85d1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/Button_T_1x.png HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: image/png
content-length: 774
cache-control: no-store
last-modified: Wed, 07 Feb 2024 17:52:38 GMT
etag: "c2348470ee59da1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugx
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/AmericanAirlines/ | 13.107.213.53 | 200 OK | 7.4 kB |
URL: User Request GET HTTP/2 www.barclaysplsweepstakes.com/AmericanAirlines/
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
Hash: f80563766b39d2e8fdc00dcf3ef9fbee 79f96fa98d5b5398f45d42cf0b2ad88250e8226b 59f95260698381b87c844d229325d3cd40900cf7f7722874f4caa87a4b3fa990
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /AmericanAirlines/ HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
set-cookie: CFID=9354146; Expires=Mon, 27 Apr 2054 08:05:20 GMT; Path=/; HttpOnly
CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; Expires=Mon, 27 Apr 2054 08:05:20 GMT; Path=/; HttpOnly
ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080519Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006uf6
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/images/Stadium_Footer_lg_2x.jpg | 13.107.213.53 | 404 Not Found | 1.2 kB |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/images/Stadium_Footer_lg_2x.jpg
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 5343c1a8b203c162a3bf3870d9f50fd4 04b5b886c20d88b57eea6d8ff882624a4ac1e51d dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/Stadium_Footer_lg_2x.jpg HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 04 May 2024 08:05:20 GMT
content-type: text/html
content-length: 1245
cache-control: no-store
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006uh0
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/images/Button_Youtube_1x.png | 13.107.213.53 | 200 OK | 693 B |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/images/Button_Youtube_1x.png
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Hash: 56ad82abd49b5389ce24e5dfd7d067f3 032f45470fcb536f655a6ae98de02e932620be09 c93fc11e410831fde5cb180b20d6486285b8cfdd0366165f94a4ad1cad99a496
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/Button_Youtube_1x.png HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: image/png
content-length: 693
cache-control: no-store
last-modified: Wed, 07 Feb 2024 17:52:38 GMT
etag: "fdbe8c70ee59da1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugy
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/images/Button_Instagram_1x.png | 13.107.213.53 | 200 OK | 813 B |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/images/Button_Instagram_1x.png
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Hash: 836d7f1fa434956ec9e95d4140355ba7 f375e0ab2173969040ba2866add86b4b08fb094c d5991f1f30fb1728149a9b8df94bf9630c24b4da320323fdc53588ab26160ae5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/Button_Instagram_1x.png HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: image/png
content-length: 813
cache-control: no-store
last-modified: Wed, 07 Feb 2024 17:52:38 GMT
etag: "96688770ee59da1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugz
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-8TPXSYHM2D | 142.250.74.136 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-8TPXSYHM2D
IP: 142.250.74.136:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Size: 102 kB (101613 bytes)
Hash: 09474c859d4df03d725702b596d7d4f8 5c1972ffacf431c6ae0a895137d50c8710b8dc1c a33efa5403caa642cc9eaa6ec358cf1bb355a448be1a68b41bad478fe418ea2f
GET /gtag/js?id=G-8TPXSYHM2D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 08:05:20 GMT
expires: Sat, 04 May 2024 08:05:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/styles/styles.css?ver=002 | 13.107.213.53 | 200 OK | 19 kB |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/styles/styles.css?ver=002
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (571)
Hash: 4f8e2cee0cee749e6b8dd709d0e05d67 ab8be08d9cc6d582aebf4748574e42236a31bd2e fb3fd2ae2588164588e8d4046da5ee4754cba2d1441dddcdaaac206e3fa61320
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /styles/styles.css?ver=002 HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: text/css
content-length: 19051
cache-control: no-store
last-modified: Tue, 13 Feb 2024 16:02:58 GMT
etag: "d5b5301d965eda1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugu
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/styles/bootstrap.min.css?ver=002 | 13.107.213.53 | 200 OK | 153 kB |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/styles/bootstrap.min.css?ver=002
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert, Inc.
Certificate Subject: www.barclaysplsweepstakes.com
Certificate Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C
Certificate Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65324)
Size: 153 kB (153182 bytes)
Hash: dac722a5850c261ab7a254ab891f7fda 8d5598536cabe6317fbe53631f8a72bca5dd5607 bcdae57f819698f6ea53fcaf74814c7ac12ebbb17a9cc21f831c8ed67a0dd4d8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /styles/bootstrap.min.css?ver=002 HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: text/css
content-length: 153182
cache-control: no-store
last-modified: Wed, 07 Feb 2024 17:52:41 GMT
etag: "e6b54472ee59da1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugs
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| use.typekit.net/zfn0znm.css | 23.36.76.122 | 200 OK | 725 B |
URL: GET HTTP/2 use.typekit.net/zfn0znm.css
IP: 23.36.76.122:443
ASN: #20940 Akamai International B.V.
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert Inc
Certificate Subject: use.typekit.net
Certificate Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
Certificate Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (516)
Hash: 3440cc17c8d44dd0f15aea9d14e155fa 5cad5c19b64a364d4d7101ed461f8b836afa644d bfbf51ce7a39d16f8fd2efef47e415da1eada6d3015ecf62ba228c21e1bc31ef
GET /zfn0znm.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 725
date: Sat, 04 May 2024 08:05:21 GMT
X-Firefox-Spdy: h2
|
|
| p.typekit.net/p.css?s=1&k=zfn0znm&ht=tk&f=9785.9786.9787.9788&a=86375780&app=typekit&e=css | 23.36.76.96 | 200 OK | 5 B |
URL: GET HTTP/2 p.typekit.net/p.css?s=1&k=zfn0znm&ht=tk&f=9785.9786.9787.9788&a=86375780&app=typekit&e=css
IP: 23.36.76.96:443
ASN: #20940 Akamai International B.V.
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Certificate Issuer: DigiCert Inc
Certificate Subject: use.typekit.net
Certificate Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
Certificate Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
Hash: 83d24d4b43cc7eef2b61e66c95f3d158 f0cafc285ee23bb6c28c5166f305493c4331c84d 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=zfn0znm&ht=tk&f=9785.9786.9787.9788&a=86375780&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Sat, 04 May 2024 08:05:21 GMT
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/images/Stadium_Footer_lg_2x.jpg | 13.107.213.53 | 404 Not Found | 1.2 kB |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/images/Stadium_Footer_lg_2x.jpg IP: 13.107.213.53:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/ Certificate Issuer: DigiCert, Inc. Subject: www.barclaysplsweepstakes.com Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators Hash: 5343c1a8b203c162a3bf3870d9f50fd4 04b5b886c20d88b57eea6d8ff882624a4ac1e51d dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/Stadium_Footer_lg_2x.jpg HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; _ga_8TPXSYHM2D=GS1.1.1714809921.1.0.1714809921.0.0.0; _ga=GA1.1.2069896020.1714809921
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 04 May 2024 08:05:21 GMT
content-type: text/html
content-length: 1245
cache-control: no-store
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080521Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006uk8
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/services/tracking.cfm | 13.107.213.53 | 200 OK | 0 B |
URL: POST HTTP/2 www.barclaysplsweepstakes.com/services/tracking.cfm IP: 13.107.213.53:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/ Certificate Issuer: DigiCert, Inc. Subject: www.barclaysplsweepstakes.com Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
POST /services/tracking.cfm HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 428
Origin: https://www.barclaysplsweepstakes.com
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; _ga_8TPXSYHM2D=GS1.1.1714809921.1.0.1714809921.0.0.0; _ga=GA1.1.2069896020.1714809921
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:21 GMT
content-type: text/html;charset=UTF-8
content-length: 0
cache-control: no-store
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080521Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006uka
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 33 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css IP: 104.18.11.207:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/ Certificate Issuer: Google Trust Services LLC Subject: bootstrapcdn.com Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (65324) Hash: f411c136e2bb302ada2120b3eb1d5bc3 3ae9bb0e7929489abd23736ae892939c8fe98645 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
GET /bootstrap/4.2.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.barclaysplsweepstakes.com
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"f411c136e2bb302ada2120b3eb1d5bc3"
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
cdn-cachedat: 04/06/2024 17:33:43
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1077
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dc0c17158d5fff381254a5ebeccf9127
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e6fc33bf0f7131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.barclaysplsweepstakes.com/images/Button_FaceBook_1x.png | 13.107.213.53 | 200 OK | 680 B |
URL: GET HTTP/2 www.barclaysplsweepstakes.com/images/Button_FaceBook_1x.png IP: 13.107.213.53:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/ Certificate Issuer: DigiCert, Inc. Subject: www.barclaysplsweepstakes.com Fingerprint: BB:85:7F:A6:2B:93:C4:98:46:2C:DA:56:36:E4:85:58:77:92:82:2C Validity: Fri, 15 Mar 2024 00:00:00 GMT - Sun, 15 Sep 2024 23:59:59 GMT
File type: PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced Hash: b388f556b965f76762cc5179f114a2fa e34870d45513085660bc6b610f7c25e9de6ab8c7 a266e9de8aee16f425b3a8e8063fb124e1c99adfecea2d690780eff43a2cd5b0
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /images/Button_FaceBook_1x.png HTTP/1.1
Host: www.barclaysplsweepstakes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/AmericanAirlines/
Cookie: CFID=9354146; CFTOKEN=40614d715505c617-9A557178-CE1C-EA00-D6B1BED37B78FAEA; ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: image/png
content-length: 680
cache-control: no-store
last-modified: Wed, 07 Feb 2024 17:52:38 GMT
etag: "9d4f7870ee59da1:0"
set-cookie: ASLBSA=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; Path=/; Secure; HttpOnly;
ASLBSACORS=000330c3543b51f5e042a277426c994db5c1afde55f87c4080d734fa336e084a9068; SameSite=none; Path=/; Secure; HttpOnly;
x-azure-ref: 20240504T080520Z-er15bb998b7tjzfh04z8st3p4s00000001sg000000006ugw
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.3.1/js/all.js | 172.67.142.245 | 200 OK | 986 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v5.3.1/js/all.js IP: 172.67.142.245:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/ Certificate Issuer: Cloudflare, Inc. Subject: use.fontawesome.com Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65351) Size: 986 kB (986033 bytes) Hash: d0482db440697a659af4980d2e841891 d7ff2806086f5924e06910e90a79b44492b52450 8cb270b4d9485a93b31df98113fda8723ffc067fa7bfa90cedd47b76f7b10be1
GET /releases/v5.3.1/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.barclaysplsweepstakes.com
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"d0482db440697a659af4980d2e841891"
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CK3lsDKv8r6wBsm1wsd2m%2BULHj4pU66b2W45mfqUeD3f40W6s%2BaZ3MF9FaL5fiNOtwqKgQT%2FeZBjbccqv7tryphD6ps6i9FIkN6VA%2FlbucQzmP6gwF4ExZDHOwpcZdJYzGgtl9%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6fc34bf0c5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 56 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js IP: 104.18.11.207:443
Requested by: https://www.barclaysplsweepstakes.com/AmericanAirlines/ Certificate Issuer: Google Trust Services LLC Subject: bootstrapcdn.com Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: JavaScript source, ASCII text, with very long lines (55494) Hash: 6895e8cd60b62646ce12426015888f58 de908c9ed184d74eb525fa7a30449b67fc3a1c14 eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
GET /bootstrap/4.2.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.barclaysplsweepstakes.com
DNT: 1
Connection: keep-alive
Referer: https://www.barclaysplsweepstakes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:05:20 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"6895e8cd60b62646ce12426015888f58"
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
cdn-cachedat: 02/15/2024 11:22:40
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 89de9054de142674048531f09c5bde4d
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e6fc33bf137131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|