Report - www.sg-bigpromo-76.com/cgi-bin/wingame.pl

Report Overview

Submitted URL
www.sg-bigpromo-76.com/cgi-bin/wingame.pl
IP
104.18.21.247
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-29 04:08:48
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.212.166.60
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	43 kB	34.120.237.76
sgapac.mycleverpush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	529 B	421 B	116.203.25.165
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
api.cleverpush.com	16719	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.7 kB	172.67.71.184
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	746 B	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.35
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	34 kB	216.58.207.195
static.cleverpush.com	16927	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	881 B	104.26.14.31
www.sg-bigpromo-76.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	579 kB	104.18.20.247
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	www.sg-bigpromo-76.com/cgi-bin/wingame.pl	Phishing
2022-11-29	medium	www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js	Phishing
2022-11-29	medium	www.sg-bigpromo-76.com/_global/css/default.css?2022-11-28.4	Phishing
2022-11-29	medium	www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-28.4	Phishing
2022-11-29	medium	www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4	Phishing
2022-11-29	medium	www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	static.cleverpush.com/sdk/chunk/5.114db37e0f7e023a27ac.js	34 kB	2023-03-08	2023-03-13
Pretty URL static.cleverpush.com/sdk/chunk/5.114db37e0f7e023a27ac.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 05:46:51 Times Seen1 Hash 4e709fa3adcaf7e57f8afce46ca2963a 399da9fe083b7ecc0ce9e7283934c4a421dbb162 e5fe9fd0aa472fd0ce47490757341a45ac208820e1cabae999b9f948b6e0cdad Loading...

	sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com	70 kB	2023-03-08	2023-03-11
Pretty URL sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com IP 116.203.25.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-11 22:13:57 Times Seen1 Hash 75e1c4a0e3d9aed5b9cfb2f3f1665ea1 07f98408ac942cfe723cfda3034732e3f9d20599 5d6c39f40ae6518f5d2bc06d1eaa7dc4536dded1cfed8d42c4ceaa156723b4ab Loading...

	static.cleverpush.com/sdk/chunk/103.b06b9a0145dcabe481ae.js	98 kB	2023-03-08	2023-03-12
Pretty URL static.cleverpush.com/sdk/chunk/103.b06b9a0145dcabe481ae.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-12 20:31:59 Times Seen1 Hash c86abffed45846c44a1f82cb01c240b0 69f964f7387b7d80032e8fbff19f4738c5741156 1ec8dc19ecab9f739cfd58f49179a4b96e94c86139132d732e12bfcccb939348 Loading...

	www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4	16 kB	2023-03-07	2024-01-09
Pretty URL www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4 IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:59:20 Last Seen2024-01-09 08:53:43 Times Seen68 Hash a3f603406b47edd3f97e48640afbe427 146bb9b28184485d5bac01c11a6ac23f67fdbc71 398c728c2c48a8bacca49d082597c6de06028aa7adb9032c7c5cff08cc17ebaf Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	21 B	2023-03-08	2023-05-21
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-21 19:42:31 Times Seen4 Hash 1498f344cab909b01adfae7c44f143d9 6cfac95206d6591601660ab6b0cf540cedd1f85d eb85cd214d8a9d6188d18c2245026d3717b67c6612f8a9d714d614c1fcda6eb5 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	1.1 kB	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-03-27 02:14:42 Times Seen115 Hash f14a731981e984c04d08ef668d96d867 23f77eca9c9754fc400db2bfc242088b96ff4e1e 9e727340d7fb316cf59618a46bebc2e45ffcd55904bc1aceac7f4760e5827669 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	3.5 kB	2023-03-07	2024-01-09
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-01-09 08:53:43 Times Seen24 Hash 60fc73f1db2b66a884b41438e678dcd1 e1151c0fd36699bfb79de308085af9c99d36e9c2 2e7406fa9d170fa4788a366eb21c16937c3fbcabce7b7dc0e24158a2a5f1cf87 Loading...

	static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js	5.6 kB	2023-03-08	2023-05-05
Pretty URL static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-05 05:44:00 Times Seen105 Hash e89cddaa8c63cff3a495570a91d5e690 397783dc44bf1885bf55f65bc11361d0389bd0d9 df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204 Loading...

	static.cleverpush.com/sdk/chunk/720.88a3607d4c17ce2453f0.js	48 kB	2023-03-08	2023-03-13
Pretty URL static.cleverpush.com/sdk/chunk/720.88a3607d4c17ce2453f0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 20:04:56 Times Seen1 Hash 068eefa4304043bf1bb6ddedb6bea8e9 06258e665fd5b5de2c1e4c645498b9e21d82f695 16dfc52adc4b2e77ac5881bf9ecfd0250aaba890abc09b3ad674cc62e455c0be Loading...

	www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-28.4	57 kB	2023-03-07	2023-05-28
Pretty URL www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-28.4 IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2023-05-28 17:27:42 Times Seen96 Hash 4eeb3045b35ec60ac8efdecc52a59c44 bc53e3f6d8cd4feb5bd63129e8cd27b6fef2b79d 0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a Loading...

	www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-28.4	3.0 kB	2023-03-08	2023-05-21
Pretty URL www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-28.4 IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-21 19:42:31 Times Seen4 Hash 8d00fee382917cf48c50cbabb52372e2 ae18b425d6425f2c6676c86da167fe79ca436e62 59504615f381b121722bbcca0e8069cd63313ecdfd7e2a46d5dc8859358d3fa3 Loading...

	www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js	4.0 kB	2023-03-08	2023-03-13
Pretty URL www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 08:04:59 Times Seen1 Hash 074f3bddc488fe7e034fcfd71666b410 e617010a7ff782c1d54acf39258b03066127788b c4975ba239bea06f62ef68ad908c963934439d3f53c0710ba99fcb271cadb61d Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	2.9 kB	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:40 Last Seen2024-03-27 02:14:42 Times Seen142 Hash 8f844149e7f42121069aecaac33b39d1 470fa242d44e1f8d909200723c8680024860483e 1b694f99a79e26d1ef7459a6759cb3e4a6a7e7b6e3f1e199dce185d71b955f5a Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	107 B	2023-03-11	2023-03-11
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:13:57 Last Seen2023-03-11 22:13:57 Times Seen1 Hash 10de9e290bc75b06665e5a69372b22e3 18267eb2532ab6ff95efb8d7a76c104d3728ed89 5608cbce35e673e26ad474a36c95ad332053e7cae663cb1c4f3f7b72b1e7dca6 Loading...

	www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-28.4	495 B	2023-03-07	2023-05-25
Pretty URL www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-28.4 IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:47 Last Seen2023-05-25 19:33:01 Times Seen7 Hash 1b98ea3cb9f9d5125064031e36e955d6 ce14a655950d8464be8378ba4dcbb4bfa8477b59 41c9ca1210a14096e9078bd3d713390d07e5efb4bdd433f839dee3b0f0c25d61 Loading...

	static.cleverpush.com/sdk/chunk/115.ba0d7343026308ac5af6.js	14 kB	2023-03-08	2023-03-13
Pretty URL static.cleverpush.com/sdk/chunk/115.ba0d7343026308ac5af6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 11:43:27 Times Seen1 Hash bdf3b760e2b81b6f97aa3f8f66d110e5 1672ad41f69faa3e9b782a8bc91e2af179ac15f7 61bd25db9e9cd5fcc44afc53fe9f72a60487085491595001a2841bde54d5abf9 Loading...

	static.cleverpush.com/sdk/chunk/818.2053369c6ba49d7081f4.js	7.5 kB	2023-03-08	2023-03-13
Pretty URL static.cleverpush.com/sdk/chunk/818.2053369c6ba49d7081f4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 19:28:26 Times Seen1 Hash 9c2d7319802a49372e38ced07eee7c81 7494e53ab7e7a26d1f38b5a45b490501dd5f49a8 bbf8b26356a91137293331c7299846d0e3b394732a158b0c28a5e09333279647 Loading...

	www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4	90 kB	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4 IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-03-27 02:14:42 Times Seen143 Hash fcb1c635899fd1e781349468b8e5bb84 b9aa7889137b9f895effaf70bbf830346f205738 be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	33 B	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-03-27 02:14:42 Times Seen142 Hash 09a035e29ea6d0dc014a73cc7d4dccc0 e75a3da7b29e61396d79e4db8a01d879e4807360 4238d27bdd7b3cea5b12b7125e126fe578db472e52bc31ae63bd7755bf645cbe Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	743 B	2023-03-08	2023-05-09
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.20.247 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-09 08:16:47 Times Seen3 Hash 320b6116edc59b4f72655138eb6437da d209207536cf605c9ab75130a39d12f1adbe17a1 c4e7785a19176644b06dfa26f4ee6df1e0fc7ef7e65403c6d9c8208fade23889 Loading...

	static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js	207 kB	2023-03-11	2023-03-11
Pretty URL static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js IP 104.26.14.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:13:57 Last Seen2023-03-11 22:13:57 Times Seen1 Hash d9f48c864b00b0987b5190e92741fdb9 644b27874a3576580ce27fda767b125e9ecbfbd8 065d9b2a20b9a68f007e8590d52bf8499f101f8ba723b6f7837848b270ceee31 Loading...

	sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com	309 B	2023-03-07	2023-03-17
Pretty URL sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com IP 116.203.25.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:47 Last Seen2023-03-17 10:37:07 Times Seen1 Hash 6c088f5aff164f4fd6e11d1fc5450a5f 7c5f7294f4d768eef68f59c051e08c5b0c2f82cc 276f9c4f00aee87e91bac5471e74a8e5cafab9e1941f64bc8837bc953fea3b1d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 372312e323c9d6b3f53eefa2ab96ce31	37 B	2023-03-07	2023-05-03
Pretty Observations First Seen2023-03-07 01:11:40 Last Seen2023-05-03 00:58:57 Times Seen30 Hash 372312e323c9d6b3f53eefa2ab96ce31 cab1ddd7e352e5d1d0683207b9affcf902799e63 c7c863c5380711a4ba46d00eb8cabf7fbfc119abf20e621046b1f068e9630efc Loading...

HTTP Transactions (65)

URL IP Response Size

www.sg-bigpromo-76.com/cgi-bin/wingame.pl

104.18.20.247

302 Found

75 B

URL HTTP/1.1
www.sg-bigpromo-76.com/cgi-bin/wingame.pl
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
278a5de51b26a661d081823418d176cb
76eb605dc938405c43388dbc5520147b79973d3f
3642e910b2c4bb523877680d380499f645972b67c6c7f97af90746360ba7cdb1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cgi-bin/wingame.pl HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 04:08:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
URI: <https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?>
X-Map-Context: sg
X-Served-By: d-01
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187bb1df74b50f-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6206
Expires: Tue, 29 Nov 2022 05:52:03 GMT
Date: Tue, 29 Nov 2022 04:08:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3928
Expires: Tue, 29 Nov 2022 05:14:05 GMT
Date: Tue, 29 Nov 2022 04:08:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1701
Cache-Control: max-age=111065
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:37 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 10:59:42 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jkrqTxpkz4nChcHIRFxtjngabOlYF14AxN/UQUNJA3ke0ZOXL3vrD0ji6YMYjV5FFdzpCDJ2ZsE=
x-amz-request-id: XZE1SG39HEJXZTJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 03:42:21 GMT
age: 1576
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 03:19:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2942
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:08:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d1e5fa51525f3b6798ef29ca701b9a89
b8f7edb528ef5d2dc126fa655b0abe9661d4c360
e13a567975d66cac73ba717538d36bf0fad66ef1c49d75a605819e4fe76a70e1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E13A567975D66CAC73BA717538D36BF0FAD66EF1C49D75A605819E4FE76A70E1"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Tue, 29 Nov 2022 10:08:21 GMT
Date: Tue, 29 Nov 2022 04:08:37 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 03:08:56 GMT
cache-control: public,max-age=3600
age: 3582
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6022
Cache-Control: max-age=110319
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:47:17 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e1e41b34bb19478b9b602238f0da3b74
360701c61797f55beb6f215cae8d5ccc7a358d55
04604a920733d473092c6c1e007b6a64ba6e631875d143b30797513c59cac143

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=98313
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Etag: "63844910-116"
Expires: Wed, 30 Nov 2022 07:27:11 GMT
Last-Modified: Mon, 28 Nov 2022 05:37:20 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.212.166.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.212.166.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DBed+qqG0Kz3+2uYMtP5fQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ngW5P+SeG8ZbCkFfw6FBDuCMI1Q=

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png

104.18.20.247

200 OK

22 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21767 bytes)
Hash
7981da3a02a5756780c085f1f0c3fb19
7d1afa793be355b01b7fd2e50ba783204cbb1047
4ef88b4d9af615ce74727672a2a6600052d4a66b3ac52763c34545fc599fbb14

HTTP Headers

GET /files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 21767
last-modified: Tue, 04 Aug 2020 03:26:55 GMT
etag: "5f28d57f-5507"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab80afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png

104.18.20.247

200 OK

22 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22240 bytes)
Hash
bd81aeb07c60b9be44a848d07fdcb044
ec650a2422feb29605fb94eed562f37cf35947f1
86d02a86afcc245d53be26b56b724eff30c90c0d9de1143fcbabc4943e67a5a1

HTTP Headers

GET /files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 22240
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-56e0"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab70afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png

104.18.20.247

200 OK

22 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21544 bytes)
Hash
fb3179b1bc6a0e16b7e7cdcec81a2dbe
2751107432076aca4bc2976374240e8f4b4f9c65
966920de5000bf33ff4b2ac41928716f8572053e53b894ab017143a59115cec6

HTTP Headers

GET /files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 21544
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-5428"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab50afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png

104.18.20.247

200 OK

77 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
77 kB (76611 bytes)
Hash
2f3dd28b519f2dca8c9e1c3951e1fef1
87a5cd0c89c018ee7487137943b86a7629900aa9
000f05262c894def5376da7f83f3771a1de7ec9babd5bb81d1dacbf58a9fb26e

HTTP Headers

GET /files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 76611
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-12b43"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab40afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png

104.18.20.247

200 OK

72 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
72 kB (72459 bytes)
Hash
ae5004d1c0d0f375f9d8ab4f2372edf1
d44167cb48e66c411d8439eb7d3a5538749c7329
c070523be8a4f81b4aeaf351744001d17e7883dd54b9fc4f5376a3ceffbf1e40

HTTP Headers

GET /files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 72459
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-11b0b"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86aba0afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png

104.18.20.247

200 OK

58 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (57530 bytes)
Hash
a93eefeabd3f51a47c11f4ef085c216d
cc6a9c3e55ffcfb4d4de4079f820aadf03c101fc
a19953eea68cc0ddf20778a10207d79347742a4957ca7a17d36715ad36ab5c49

HTTP Headers

GET /files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 57530
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-e0ba"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab90afe-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e1e41b34bb19478b9b602238f0da3b74
360701c61797f55beb6f215cae8d5ccc7a358d55
04604a920733d473092c6c1e007b6a64ba6e631875d143b30797513c59cac143

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=98313
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Etag: "63844910-116"
Expires: Wed, 30 Nov 2022 07:27:11 GMT
Last-Modified: Mon, 28 Nov 2022 05:37:20 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png

104.18.20.247

200 OK

160 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 385 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
160 kB (159989 bytes)
Hash
a56dc40996d5413b2407ad228b34473f
5922cc501e4d244a37d33c58bb6518cacb5f98c0
273cb9ebfe1499aedb2cfe631024f0105a87db5b46de63e4b5e0e1a664d97be8

HTTP Headers

GET /files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 159989
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-270f5"
x-map-context: sg
x-served-by: d-02
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86abb0afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png

104.18.20.247

200 OK

71 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (70868 bytes)
Hash
578da5634cb60866130d1ec589afb392
8b2e75e1ad26cc368d4e8e243b8b5ed1674c7dc0
17164a0d41aa14cf37a0c0fc99cbdc4c496d91dd5015e1a488c2acb18a8c6c50

HTTP Headers

GET /files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 70868
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-114d4"
x-map-context: sg
x-served-by: d-02
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab30afe-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 462870
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 465289
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png

104.18.20.247

200 OK

1.3 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 30, 8-bit gray+alpha, non-interlaced\012- data
Size
1.3 kB (1302 bytes)
Hash
f482011337a1fd30d43c4c16fd6fae99
42b84caf4bee84f5e6bc2799d47ed421c0afa5ee
1491ba98acf990484c8a649bfb0f7bc6fe24c676463c76e93d418ca24ce145a3

HTTP Headers

GET /files/web/sponsor/_logos/logo1_542_1450867072.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/png
content-length: 1302
last-modified: Wed, 23 Dec 2015 10:37:53 GMT
etag: "567a7981-516"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab3b0afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg

104.18.20.247

200 OK

1.2 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 30, 8-bit gray+alpha, non-interlaced\012- data
Size
1.2 kB (1194 bytes)
Hash
138269e0d78814c79c96bde6916e21a1
b044fd802f0e648fd22c19bae34a9dcf49a91c56
a7d53245b9c0e48179a6c4a7bc87df311e2fb325ff7c9e018d2e33d5dc518f8c

HTTP Headers

GET /files/web/sponsor/_logos/logo1_229_1378106311.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/jpeg
content-length: 1194
last-modified: Mon, 02 Sep 2013 07:18:32 GMT
etag: "52243bc8-4aa"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab390afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg

104.18.20.247

200 OK

13 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 30, 8-bit grayscale, non-interlaced\012- data
Size
13 kB (12940 bytes)
Hash
3b6ff1999a66922904b1c6b8ad51fc00
d1d919cec99f63fa2048e87d9ff4dd7173238abe
c897745d331defcc9183d25af5ece629fc535f492f6b009d42a90f0dc5ef0c26

HTTP Headers

GET /files/web/sponsor/_logos/logo1_441_1490784069.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/jpeg
content-length: 12940
last-modified: Wed, 29 Mar 2017 10:41:09 GMT
etag: "58db8f45-328c"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bba9b320afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png

104.18.20.247

200 OK

2.6 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 80 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2601 bytes)
Hash
55b41c6934b3eff9839a40bf998099fc
83e0eeee1ad4d9347e675aacfa05dc286d37d3d8
e1f1d92ff6f91a4fd00415f1ba16805170ea4d9cc7a9a5503e686bd14593aaad

HTTP Headers

GET /files/web/sponsor/_logos/logo1_27_1343995230.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/png
content-length: 2601
last-modified: Mon, 13 Aug 2012 09:16:31 GMT
etag: "5028c5ef-a29"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab380afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png

104.18.20.247

200 OK

3.1 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3090 bytes)
Hash
2eb713ef53aa075ecfe0987f1d1e9705
83eecab3c02e550008c262e13458deee0936ce1d
33cc9ee62bc543336e1e48a8838497a51a8c765fee5f186d1c9ef8b500f893f5

HTTP Headers

GET /files/web/sponsor/_logos/logo1_543_1527859615.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/png
content-length: 3090
last-modified: Fri, 01 Jun 2018 13:26:55 GMT
etag: "5b11499f-c12"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab370afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg

104.18.20.247

200 OK

27 kB

URL HTTP/2
www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x603, components 3\012- data
Size
27 kB (26983 bytes)
Hash
cc26fcca4a111a7607dbbc38d85f8bc0
067658a2e35d6d23d84795e0dfe2560051c493f0
5f3f5bf2b2567a61e56f292ceac28e5283dac84e983754e0e3e75c093e5cad9d

HTTP Headers

GET /_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/jpeg
content-length: 26983
etag: "2387602037"
last-modified: Tue, 12 Nov 2019 02:07:13 GMT
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab3a0afe-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8fbdb1bd970b9c37263b59f5dcf4bb24
ab38e46a9680e50592e66c37360c47e6554a0ea5
348696e4ad7f14c281eb621bf6646d5cd14d4188cc6b7d1ad717cf8b8196ace0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:08:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 12:45:33 GMT
Expires: Sun, 04 Dec 2022 12:45:32 GMT
Etag: "ab38e46a9680e50592e66c37360c47e6554a0ea5"
Cache-Control: max-age=462412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187bbc98da1c16-OSL

api.cleverpush.com/channel/confirm-alert

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/confirm-alert
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frXgA8UIX%2BpKD9TqSX%2FQlp3xlsQblTQJDa22S5JU3OKyteiHK1hKg405cK2dKdW3bkFRLt9yNAXsIajn7ZuYCWUmVwTReoZ6PzNh9GLgH2A8l881Iijxyg2Xo5Je4js1L%2BEDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77187bbe3dbab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.cleverpush.com/channel/optin-visitor

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/optin-visitor
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9fxRCvtcpxBFj8OZMJew4whgVx4ZPa9GuG%2B65XZaPllFNa5Xuym5jTGCMogVjhVvtw3LOFfk6YfbRuA1EvNdsxvwgN%2Fl5oJK1MV%2BHcwAwvV3aRZBm74dmbaq%2FBae%2FiCqhRbqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77187bbe2db6b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:08:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:08:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:08:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:08:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:08:39 GMT
Connection: keep-alive

www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show

104.18.20.247

200 OK

15 kB

URL HTTP/2
www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
15 kB (14903 bytes)
Hash
046b0d7aaeaad42160e91676b5a7acf8
f6843ca43250bf4914ea6c221c2feb003244406e
446cdfaffc32a923ae60c1a9550e4cba0f36e277cc4782f157c1f242835eaf1f

HTTP Headers

GET /cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: text/html
x-map-context: sg
x-served-by: d-03
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77187bbe1c310afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10445 bytes)
Hash
c76e3c4cc159bda9b9e887fcd449ba51
12d90c36bd455b3b859fdb761b6ed49ea9f98f80
fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:02:53 GMT
age: 50746
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3004 bytes)
Hash
22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rb-NFzuOBQEOMHfs7L68ZBeBH_JMqKYfJhxWs4eNYq35L8duYylQdg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:07:34 GMT
age: 7265
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 22182
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 73711
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 4042
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/wingame/74/css/series.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 09:50:17 GMT
etag: W/"625e85d9-616e"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa60afe-OSL
X-Firefox-Spdy: h2

sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com

116.203.25.165

200 OK

0 B

URL HTTP/2
sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com
IP
116.203.25.165:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com HTTP/1.1
Host: sgapac.mycleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
x-backend-server: cleverpush-worker-2
content-encoding: gzip
X-Firefox-Spdy: h2

api.cleverpush.com/channel/optin-visitor

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/optin-visitor
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sg-bigpromo-76.com/
Content-Type: application/json
Origin: https://www.sg-bigpromo-76.com
Content-Length: 54
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZs3uBBhJm8kJBZhMooBPuB70rNIayT%2Bm9rL%2BOCyhJdCujvwHdn%2BtXIR9wUan8pj%2FBx1VXXvZwsDRUL7c11faxRtu55jDFeseZ%2FDWU3iudNyUVSnuLB1Cp2ZBzZyZsNVRbFZRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77187bbe8dffb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/cgi-bin/wingame.pl?

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cgi-bin/wingame.pl? HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/html;charset=UTF-8
x-firstpage: 1
x-page: pregame
x-map-context: sg
x-served-by: d-03
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77187bb499c70afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/web/sponsor/_sponsoren/script_50.js HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 08:39:05 GMT
etag: W/"6360db29-fbf"
x-map-context: sg
x-served-by: d-02
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb86ab00afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
etag: W/"5a059201-15e64"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aaa0afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/css/default.css?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/css/default.css?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_global/css/default.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 18 Feb 2019 07:52:24 GMT
etag: W/"5c6a6438-10e7"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa30afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/favicon.ico

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/favicon.ico
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/x-icon
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-10be"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbc7be50afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 04:08:38 GMT
date: Tue, 29 Nov 2022 04:08:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wingame/50/css/sweepstake.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Nov 2022 14:24:35 GMT
etag: W/"63691523-183a"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa80afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2017 08:06:31 GMT
etag: W/"5a265387-25ef"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa90afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wingame/global/js/global.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 09:57:38 GMT
etag: W/"5ec3ad92-1ef"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb85aac0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 18 Aug 2016 09:52:51 GMT
etag: W/"57b58573-71c7"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa50afe-OSL
X-Firefox-Spdy: h2

static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js

104.26.14.31

200 OK

0 B

URL HTTP/2
static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js
IP
104.26.14.31:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /channel/loader/3zxL2HhGxKQQZYwsP.js HTTP/1.1
Host: static.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
x-amz-id-2: 3sd8Vk8QsQuTyj8/w08puqfkY33JQuLBF64u3+WHwT/4ZxbLKhCtD7sGWGBDChzAxc3shuzW/ZI=
x-amz-request-id: FVEYWNYGBPM38JSY
last-modified: Tue, 29 Nov 2022 00:02:47 GMT
etag: W/"d9f48c864b00b0987b5190e92741fdb9"
cache-control: public, max-age=21600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY5mog%2B%2FEk8GG9cPxWUo%2B3Latwb6HHKR3%2FWLx2wDGdi3tP2C1oNJpsyyNY7CSROzSFNIZa%2FVurK7cSJurSO35%2Fzxq4UN%2B1glOgakm%2Bpynjrws2iSmuCcukV0P8OsvYNOZyw7WcqdFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb8bb02fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wingame/50/js/sweepstake.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Jun 2020 08:52:50 GMT
etag: W/"5eddfc62-ba3"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb86aaf0afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/js/scripts.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Jul 2022 07:31:48 GMT
etag: W/"62d900e4-dd9a"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aab0afe-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4

104.18.20.247

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4
IP
104.18.20.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_global/wingame/74/js/series.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Nov 2020 12:42:01 GMT
etag: W/"5fbe5119-3e54"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aae0afe-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations