| www.sg-bigpromo-76.com/cgi-bin/wingame.pl | 104.18.20.247 | 302 Found | 75 B |
URL: www.sg-bigpromo-76.com/cgi-bin/wingame.pl (HTTP/1.1)
IP: 104.18.20.247:0
File type: HTML document, ASCII text, with no line terminators
Hashes: MD5 278a5de51b26a661d081823418d176cb, SHA-1 76eb605dc938405c43388dbc5520147b79973d3f, SHA-256 3642e910b2c4bb523877680d380499f645972b67c6c7f97af90746360ba7cdb1
| Analyzer | Verdict | Alert |
| --- | --- | --- |
| fortinet | Phishing | |
GET /cgi-bin/wingame.pl HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 04:08:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
URI: <https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?>
X-Map-Context: sg
X-Served-By: d-01
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187bb1df74b50f-OSL
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 (ASN 20940, Akamai International B.V.)
Hashes: MD5 a5daf4dc99951793ae2315d4795e8146, SHA-1 4427507ca4d3a5632cc8f598afbc85e2195d00bd, SHA-256 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6206
Expires: Tue, 29 Nov 2022 05:52:03 GMT
Date: Tue, 29 Nov 2022 04:08:37 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 (ASN 20940, Akamai International B.V.)
Hashes: MD5 6d9d34c96b9a826ae5676640c966469c, SHA-1 8052a16d41a637e420478b7de1ff5a2dc951fccd, SHA-256 f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3928
Expires: Tue, 29 Nov 2022 05:14:05 GMT
Date: Tue, 29 Nov 2022 04:08:37 GMT
Connection: keep-alive
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hashes: MD5 9408cc0694fcbea57966c3a3ba906092, SHA-1 fddcee1fdcf3209298e41a4b1b5560357fa165f0, SHA-256 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1701
Cache-Control: max-age=111065
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:37 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 10:59:42 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain (HTTP/2)
IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hashes: MD5 9ebddc2b260d081ebbefee47c037cb28, SHA-1 492bad62a7ca6a74738921ef5ae6f0be5edebf39, SHA-256 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jkrqTxpkz4nChcHIRFxtjngabOlYF14AxN/UQUNJA3ke0ZOXL3vrD0ji6YMYjV5FFdzpCDJ2ZsE=
x-amz-request-id: XZE1SG39HEJXZTJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 03:42:21 GMT
age: 1576
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL: firefox.settings.services.mozilla.com/v1/ (HTTP/2)
IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hashes: MD5 14cd9a0afb6ba9a763651d5112760d1e, SHA-1 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa, SHA-256 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 03:19:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2942
alt-svc: clear
X-Firefox-Spdy: h2
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: contile.services.mozilla.com/v1/tiles (HTTP/2)
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hashes: MD5 23e88fb7b99543fb33315b29b1fad9d6, SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce, SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:08:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 (ASN 20940, Akamai International B.V.)
Hashes: MD5 d1e5fa51525f3b6798ef29ca701b9a89, SHA-1 b8f7edb528ef5d2dc126fa655b0abe9661d4c360, SHA-256 e13a567975d66cac73ba717538d36bf0fad66ef1c49d75a605819e4fe76a70e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E13A567975D66CAC73BA717538D36BF0FAD66EF1C49D75A605819E4FE76A70E1"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Tue, 29 Nov 2022 10:08:21 GMT
Date: Tue, 29 Nov 2022 04:08:37 GMT
Connection: keep-alive
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US (HTTP/2)
IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hashes: MD5 0333b0655111aa68de771adfcc4db243, SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb, SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 03:08:56 GMT
cache-control: public,max-age=3600
age: 3582
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hashes: MD5 7ab2ef968cb6a3078f4b9cb2dda813d4, SHA-1 e669116047ca058a2c1b2999ff0ea8682719162c, SHA-256 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6022
Cache-Control: max-age=110319
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:47:17 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hashes: MD5 e1e41b34bb19478b9b602238f0da3b74, SHA-1 360701c61797f55beb6f215cae8d5ccc7a358d55, SHA-256 04604a920733d473092c6c1e007b6a64ba6e631875d143b30797513c59cac143
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=98313
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Etag: "63844910-116"
Expires: Wed, 30 Nov 2022 07:27:11 GMT
Last-Modified: Mon, 28 Nov 2022 05:37:20 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP: 142.250.74.35:0
Hashes: MD5 dfc6d93c89faf83ac654cd676c02764d, SHA-1 ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d, SHA-256 83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP: 142.250.74.35:0
Hashes: MD5 07b8296613be09905e34b09dce4a203f, SHA-1 c97c67e8c4b1247423d089c028c31e05734f124e, SHA-256 c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| push.services.mozilla.com/ | 34.212.166.60 | 101 Switching Protocols | 0 B |
URL: push.services.mozilla.com/ (HTTP/1.1)
IP: 34.212.166.60:0
Hashes (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DBed+qqG0Kz3+2uYMtP5fQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ngW5P+SeG8ZbCkFfw6FBDuCMI1Q=
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png | 104.18.20.247 | 200 OK | 22 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 289 x 301, 8-bit colormap, non-interlaced
Hashes: MD5 7981da3a02a5756780c085f1f0c3fb19, SHA-1 7d1afa793be355b01b7fd2e50ba783204cbb1047, SHA-256 4ef88b4d9af615ce74727672a2a6600052d4a66b3ac52763c34545fc599fbb14
GET /files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 21767
last-modified: Tue, 04 Aug 2020 03:26:55 GMT
etag: "5f28d57f-5507"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab80afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png | 104.18.20.247 | 200 OK | 22 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 289 x 301, 8-bit colormap, non-interlaced
Hashes: MD5 bd81aeb07c60b9be44a848d07fdcb044, SHA-1 ec650a2422feb29605fb94eed562f37cf35947f1, SHA-256 86d02a86afcc245d53be26b56b724eff30c90c0d9de1143fcbabc4943e67a5a1
GET /files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 22240
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-56e0"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab70afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png | 104.18.20.247 | 200 OK | 22 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 289 x 301, 8-bit colormap, non-interlaced
Hashes: MD5 fb3179b1bc6a0e16b7e7cdcec81a2dbe, SHA-1 2751107432076aca4bc2976374240e8f4b4f9c65, SHA-256 966920de5000bf33ff4b2ac41928716f8572053e53b894ab017143a59115cec6
GET /files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 21544
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-5428"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab50afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png | 104.18.20.247 | 200 OK | 77 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hashes: MD5 2f3dd28b519f2dca8c9e1c3951e1fef1, SHA-1 87a5cd0c89c018ee7487137943b86a7629900aa9, SHA-256 000f05262c894def5376da7f83f3771a1de7ec9babd5bb81d1dacbf58a9fb26e
GET /files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 76611
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-12b43"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab40afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png | 104.18.20.247 | 200 OK | 72 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hashes: MD5 ae5004d1c0d0f375f9d8ab4f2372edf1, SHA-1 d44167cb48e66c411d8439eb7d3a5538749c7329, SHA-256 c070523be8a4f81b4aeaf351744001d17e7883dd54b9fc4f5376a3ceffbf1e40
GET /files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 72459
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-11b0b"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86aba0afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png | 104.18.20.247 | 200 OK | 58 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hashes: MD5 a93eefeabd3f51a47c11f4ef085c216d, SHA-1 cc6a9c3e55ffcfb4d4de4079f820aadf03c101fc, SHA-256 a19953eea68cc0ddf20778a10207d79347742a4957ca7a17d36715ad36ab5c49
GET /files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 57530
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-e0ba"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab90afe-OSL
X-Firefox-Spdy: h2
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hashes: MD5 e1e41b34bb19478b9b602238f0da3b74, SHA-1 360701c61797f55beb6f215cae8d5ccc7a358d55, SHA-256 04604a920733d473092c6c1e007b6a64ba6e631875d143b30797513c59cac143
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=98313
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Etag: "63844910-116"
Expires: Wed, 30 Nov 2022 07:27:11 GMT
Last-Modified: Mon, 28 Nov 2022 05:37:20 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png | 104.18.20.247 | 200 OK | 160 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 385 x 256, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159989 bytes)
Hashes: MD5 a56dc40996d5413b2407ad228b34473f, SHA-1 5922cc501e4d244a37d33c58bb6518cacb5f98c0, SHA-256 273cb9ebfe1499aedb2cfe631024f0105a87db5b46de63e4b5e0e1a664d97be8
GET /files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 159989
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-270f5"
x-map-context: sg
x-served-by: d-02
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86abb0afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png | 104.18.20.247 | 200 OK | 71 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png (HTTP/2)
IP: 104.18.20.247:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hashes: MD5 578da5634cb60866130d1ec589afb392, SHA-1 8b2e75e1ad26cc368d4e8e243b8b5ed1674c7dc0, SHA-256 17164a0d41aa14cf37a0c0fc99cbdc4c496d91dd5015e1a488c2acb18a8c6c50
GET /files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: image/png
content-length: 70868
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-114d4"
x-map-context: sg
x-served-by: d-02
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb86ab30afe-OSL
X-Firefox-Spdy: h2
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP: 142.250.74.35:0
Hashes: MD5 cd0a5be4865b85e858cfcaafa90f8dca, SHA-1 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b, SHA-256 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 (HTTP/2)
IP: 216.58.207.195:0
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hashes: MD5 15d9f621c3bd1599f0169dcf0bd5e63e, SHA-1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52, SHA-256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 462870
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP: 142.250.74.35:0
Hashes: MD5 cd0a5be4865b85e858cfcaafa90f8dca, SHA-1 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b, SHA-256 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 (HTTP/2)
IP: 216.58.207.195:0
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hashes: MD5 e9f5aaf547f165386cd313b995dddd8e, SHA-1 acdef5603c2387b0e5bffd744b679a24a8bc1968, SHA-256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 465289
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP: 142.250.74.35:0
Hashes: MD5 49eee25f3ccd585a29e34e80cf5bb160, SHA-1 73eca8be91deedd049304862759a3d8084c0b07e, SHA-256 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:08:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png | 104.18.20.247 | 200 OK | 1.3 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png
IP: 104.18.20.247:0
File type: PNG image data, 100 x 30, 8-bit gray+alpha, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): f482011337a1fd30d43c4c16fd6fae99 42b84caf4bee84f5e6bc2799d47ed421c0afa5ee 1491ba98acf990484c8a649bfb0f7bc6fe24c676463c76e93d418ca24ce145a3
GET /files/web/sponsor/_logos/logo1_542_1450867072.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/png
content-length: 1302
last-modified: Wed, 23 Dec 2015 10:37:53 GMT
etag: "567a7981-516"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab3b0afe-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg | 104.18.20.247 | 200 OK | 1.2 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg
IP: 104.18.20.247:0
File type: PNG image data, 100 x 30, 8-bit gray+alpha, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 138269e0d78814c79c96bde6916e21a1 b044fd802f0e648fd22c19bae34a9dcf49a91c56 a7d53245b9c0e48179a6c4a7bc87df311e2fb325ff7c9e018d2e33d5dc518f8c
GET /files/web/sponsor/_logos/logo1_229_1378106311.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/jpeg
content-length: 1194
last-modified: Mon, 02 Sep 2013 07:18:32 GMT
etag: "52243bc8-4aa"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab390afe-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg | 104.18.20.247 | 200 OK | 13 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg
IP: 104.18.20.247:0
File type: PNG image data, 100 x 30, 8-bit grayscale, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 3b6ff1999a66922904b1c6b8ad51fc00 d1d919cec99f63fa2048e87d9ff4dd7173238abe c897745d331defcc9183d25af5ece629fc535f492f6b009d42a90f0dc5ef0c26
GET /files/web/sponsor/_logos/logo1_441_1490784069.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/jpeg
content-length: 12940
last-modified: Wed, 29 Mar 2017 10:41:09 GMT
etag: "58db8f45-328c"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bba9b320afe-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png | 104.18.20.247 | 200 OK | 2.6 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png
IP: 104.18.20.247:0
File type: PNG image data, 80 x 30, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 55b41c6934b3eff9839a40bf998099fc 83e0eeee1ad4d9347e675aacfa05dc286d37d3d8 e1f1d92ff6f91a4fd00415f1ba16805170ea4d9cc7a9a5503e686bd14593aaad
GET /files/web/sponsor/_logos/logo1_27_1343995230.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/png
content-length: 2601
last-modified: Mon, 13 Aug 2012 09:16:31 GMT
etag: "5028c5ef-a29"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab380afe-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png | 104.18.20.247 | 200 OK | 3.1 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png
IP: 104.18.20.247:0
File type: PNG image data, 100 x 30, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 2eb713ef53aa075ecfe0987f1d1e9705 83eecab3c02e550008c262e13458deee0936ce1d 33cc9ee62bc543336e1e48a8838497a51a8c765fee5f186d1c9ef8b500f893f5
GET /files/web/sponsor/_logos/logo1_543_1527859615.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/png
content-length: 3090
last-modified: Fri, 01 Jun 2018 13:26:55 GMT
etag: "5b11499f-c12"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab370afe-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg | 104.18.20.247 | 200 OK | 27 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg
IP: 104.18.20.247:0
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x603, components 3
Hash (MD5 / SHA-1 / SHA-256): cc26fcca4a111a7607dbbc38d85f8bc0 067658a2e35d6d23d84795e0dfe2560051c493f0 5f3f5bf2b2567a61e56f292ceac28e5283dac84e983754e0e3e75c093e5cad9d
GET /_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/jpeg
content-length: 26983
etag: "2387602037"
last-modified: Tue, 12 Nov 2019 02:07:13 GMT
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbaab3a0afe-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP: 104.18.32.68:0
Hash (MD5 / SHA-1 / SHA-256): 8fbdb1bd970b9c37263b59f5dcf4bb24 ab38e46a9680e50592e66c37360c47e6554a0ea5 348696e4ad7f14c281eb621bf6646d5cd14d4188cc6b7d1ad717cf8b8196ace0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 04:08:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 12:45:33 GMT
Expires: Sun, 04 Dec 2022 12:45:32 GMT
Etag: "ab38e46a9680e50592e66c37360c47e6554a0ea5"
Cache-Control: max-age=462412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77187bbc98da1c16-OSL
|
|
| api.cleverpush.com/channel/confirm-alert | 172.67.71.184 | 200 OK | 0 B |
URL: HTTP/2 api.cleverpush.com/channel/confirm-alert
IP: 172.67.71.184:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frXgA8UIX%2BpKD9TqSX%2FQlp3xlsQblTQJDa22S5JU3OKyteiHK1hKg405cK2dKdW3bkFRLt9yNAXsIajn7ZuYCWUmVwTReoZ6PzNh9GLgH2A8l881Iijxyg2Xo5Je4js1L%2BEDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77187bbe3dbab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/optin-visitor | 172.67.71.184 | 200 OK | 0 B |
URL: HTTP/2 api.cleverpush.com/channel/optin-visitor
IP: 172.67.71.184:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9fxRCvtcpxBFj8OZMJew4whgVx4ZPa9GuG%2B65XZaPllFNa5Xuym5jTGCMogVjhVvtw3LOFfk6YfbRuA1EvNdsxvwgN%2Fl5oJK1MV%2BHcwAwvV3aRZBm74dmbaq%2FBae%2FiCqhRbqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77187bbe2db6b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 (ASN 20940, Akamai International B.V.)
Hash (MD5 / SHA-1 / SHA-256): ac3edd07bb0a4ebdaae6ec26e91d2079 b6efe3811dfa37cdcde1e9d411c171732ac7e12a c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4472
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 04:08:39 GMT
Connection: keep-alive
|
|
| www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show | 104.18.20.247 | 200 OK | 15 kB |
URL: HTTP/2 www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show
IP: 104.18.20.247:0
Hash (MD5 / SHA-1 / SHA-256): 046b0d7aaeaad42160e91676b5a7acf8 f6843ca43250bf4914ea6c221c2feb003244406e 446cdfaffc32a923ae60c1a9550e4cba0f36e277cc4782f157c1f242835eaf1f
GET /cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: text/html
x-map-context: sg
x-served-by: d-03
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77187bbe1c310afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): c76e3c4cc159bda9b9e887fcd449ba51 12d90c36bd455b3b859fdb761b6ed49ea9f98f80 fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:02:53 GMT
age: 50746
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg | 34.120.237.76 | 200 OK | 3.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): 22e7d3e11e78242383e452adb9299016 035a1b4a2a7889787532ec2637d5c21e06daf672 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rb-NFzuOBQEOMHfs7L68ZBeBH_JMqKYfJhxWs4eNYq35L8duYylQdg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:07:34 GMT
age: 7265
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): cce27a1fe8c0222811a5ce0e7f89e1cb 28c165bac8cf68cd1b0763c311aece00672cb3a5 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 22182
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): 03014221d7f49b50ffc2d1b0a0e75457 772d86ad983042a728ee3490630a9cf1134ad0dd 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 73711
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp | 34.120.237.76 | 200 OK | 4.9 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): 83c1fedec73299637cc7dc47c48af758 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 4042
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-28.4
IP: 104.18.20.247:0
GET /_global/wingame/74/css/series.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 09:50:17 GMT
etag: W/"625e85d9-616e"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa60afe-OSL
X-Firefox-Spdy: h2
|
|
| sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com | 116.203.25.165 | 200 OK | 0 B |
URL: HTTP/2 sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com
IP: 116.203.25.165:0 (ASN 24940, Hetzner Online GmbH)
GET /iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com HTTP/1.1
Host: sgapac.mycleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
x-backend-server: cleverpush-worker-2
content-encoding: gzip
X-Firefox-Spdy: h2
| api.cleverpush.com/channel/optin-visitor | 172.67.71.184 | 200 OK | 0 B |
URL: HTTP/2 api.cleverpush.com/channel/optin-visitor IP: 172.67.71.184:0
POST /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sg-bigpromo-76.com/
Content-Type: application/json
Origin: https://www.sg-bigpromo-76.com
Content-Length: 54
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZs3uBBhJm8kJBZhMooBPuB70rNIayT%2Bm9rL%2BOCyhJdCujvwHdn%2BtXIR9wUan8pj%2FBx1VXXvZwsDRUL7c11faxRtu55jDFeseZ%2FDWU3iudNyUVSnuLB1Cp2ZBzZyZsNVRbFZRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77187bbe8dffb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/cgi-bin/wingame.pl? | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP: 104.18.20.247:0
GET /cgi-bin/wingame.pl? HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/html;charset=UTF-8
x-firstpage: 1
x-page: pregame
x-map-context: sg
x-served-by: d-03
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77187bb499c70afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js IP: 104.18.20.247:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /files/web/sponsor/_sponsoren/script_50.js HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 08:39:05 GMT
etag: W/"6360db29-fbf"
x-map-context: sg
x-served-by: d-02
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb86ab00afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4 IP: 104.18.20.247:0
GET /_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
etag: W/"5a059201-15e64"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aaa0afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/_global/css/default.css?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/css/default.css?2022-11-28.4 IP: 104.18.20.247:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_global/css/default.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 18 Feb 2019 07:52:24 GMT
etag: W/"5c6a6438-10e7"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa30afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/favicon.ico | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/favicon.ico IP: 104.18.20.247:0
GET /favicon.ico HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:39 GMT
content-type: image/x-icon
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-10be"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:39 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bbc7be50afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| fonts.googleapis.com/css?family=Roboto:400,700 | 142.250.74.10 | 200 OK | 0 B |
URL: HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700 IP: 142.250.74.10:0
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 04:08:38 GMT
date: Tue, 29 Nov 2022 04:08:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-28.4 IP: 104.18.20.247:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wingame/50/css/sweepstake.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Nov 2022 14:24:35 GMT
etag: W/"63691523-183a"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa80afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4 IP: 104.18.20.247:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_global/wingame/74/themes/black_000000/css/theme.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2017 08:06:31 GMT
etag: W/"5a265387-25ef"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa90afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-28.4 IP: 104.18.20.247:0
GET /wingame/global/js/global.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 09:57:38 GMT
etag: W/"5ec3ad92-1ef"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb85aac0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-28.4 IP: 104.18.20.247:0
GET /_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 18 Aug 2016 09:52:51 GMT
etag: W/"57b58573-71c7"
x-map-context: sg
x-served-by: d-04
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aa50afe-OSL
X-Firefox-Spdy: h2
| static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js | 104.26.14.31 | 200 OK | 0 B |
URL: HTTP/2 static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js IP: 104.26.14.31:0
GET /channel/loader/3zxL2HhGxKQQZYwsP.js HTTP/1.1
Host: static.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
x-amz-id-2: 3sd8Vk8QsQuTyj8/w08puqfkY33JQuLBF64u3+WHwT/4ZxbLKhCtD7sGWGBDChzAxc3shuzW/ZI=
x-amz-request-id: FVEYWNYGBPM38JSY
last-modified: Tue, 29 Nov 2022 00:02:47 GMT
etag: W/"d9f48c864b00b0987b5190e92741fdb9"
cache-control: public, max-age=21600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY5mog%2B%2FEk8GG9cPxWUo%2B3Latwb6HHKR3%2FWLx2wDGdi3tP2C1oNJpsyyNY7CSROzSFNIZa%2FVurK7cSJurSO35%2Fzxq4UN%2B1glOgakm%2Bpynjrws2iSmuCcukV0P8OsvYNOZyw7WcqdFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77187bb8bb02fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-28.4 IP: 104.18.20.247:0
GET /wingame/50/js/sweepstake.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Jun 2020 08:52:50 GMT
etag: W/"5eddfc62-ba3"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb86aaf0afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-28.4 IP: 104.18.20.247:0
GET /_global/js/scripts.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Jul 2022 07:31:48 GMT
etag: W/"62d900e4-dd9a"
x-map-context: sg
x-served-by: d-01
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aab0afe-OSL
X-Firefox-Spdy: h2
| www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4 | 104.18.20.247 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-28.4 IP: 104.18.20.247:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_global/wingame/74/js/series.js?2022-11-28.4 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:08:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Nov 2020 12:42:01 GMT
etag: W/"5fbe5119-3e54"
x-map-context: sg
x-served-by: d-03
expires: Wed, 30 Nov 2022 04:08:38 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77187bb85aae0afe-OSL
X-Firefox-Spdy: h2