| detectportal.firefox.com/success.txt?ipv4 | 34.107.221.82 | 200 OK | 8 B |
URL HTTP/1.1detectportal.firefox.com/success.txt?ipv4 IP34.107.221.82:0
Hashae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 12 Dec 2022 12:42:55 GMT
Age: 33074
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
|
|
| www.vouchers-sg-51.com/cgi-bin/wingame.pl | 104.18.11.234 | 302 Found | 75 B |
URL HTTP/1.1www.vouchers-sg-51.com/cgi-bin/wingame.pl IP104.18.11.234:0
File typeHTML document, ASCII text, with no line terminators Hash1b45f80ccb4ef2dc7558651258e2403f 3d37f4e233a565714bbfd376e8871f0769c2cc7f edb10bf04694b659de9d2c328ec95854369f8ce4e111218e60b87c4064af93a2
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cgi-bin/wingame.pl HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 12 Dec 2022 21:54:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
URI: <https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?>
X-Map-Context: sg
X-Served-By: d-04
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7789b2685cd0b4e8-OSL
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc4ae9e5f654895e63f3a0a13c5eb18c1 630e510407bacc5b4d0ca073173c65078d77aa72 722cb340d2866bd284e11b419c9ec9df095da8143bc8b15a51757f1738c2fa35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "722CB340D2866BD284E11B419C9EC9DF095DA8143BC8B15A51757F1738C2FA35"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9831
Expires: Tue, 13 Dec 2022 00:38:00 GMT
Date: Mon, 12 Dec 2022 21:54:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3c0c53379f331e934f61070074d41035 420f6e542cbf741838566f22e475a80e2f600d21 4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9083
Expires: Tue, 13 Dec 2022 00:25:32 GMT
Date: Mon, 12 Dec 2022 21:54:09 GMT
Connection: keep-alive
|
|
| getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 | 34.120.5.221 | 200 OK | 37 kB |
URL HTTP/2getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 IP34.120.5.221:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashcd508cb2fa2249e004f2f05d80e13e13 5e5aedee8df1bd8144ea87cdf35ae046428e64b3 c5b4505950c8d39a2362605eaa080c9792cdbf150658974ba620a79360138dc1
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: iw7CwQFBXZeCUeURW-bpwZ0--ixWbU3Uipf3bbTKFEt3lZoiINYHfw==
content-encoding: gzip
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:51:27 GMT
content-type: application/json
content-length: 37324
age: 162
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashdbd022fec0a71226daaf29b7563a8896 c37d14dc7b3849a4bb815fa325fb5e70fae54039 22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Mon, 12 Dec 2022 22:44:06 GMT
Date: Mon, 12 Dec 2022 21:54:09 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aSIneM8riLc0D25dtwBI+s9FlZ28Qeq4dG0o8QS+l6tHOPkUb9J5RKIFi8ZIpqc4EJjiQXGWQQsobCSco+bQ+Q==
x-amz-request-id: ZSAEVVDZ2B4E01B8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 21:29:21 GMT
age: 1488
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb8fe6ec1ac390bc5b90b68b0e3005299 4ce20d527fcc93a2a6d1c5f3ab73ee8ded2a57f2 1755a645d41780a9e54ee1ad04a2b293d16d2a98e543f81835c3a66e3d58c3be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1755A645D41780A9E54EE1AD04A2B293D16D2A98E543F81835C3A66E3D58C3BE"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7586
Expires: Tue, 13 Dec 2022 00:00:35 GMT
Date: Mon, 12 Dec 2022 21:54:09 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:43 GMT
content-type: application/json
age: 1226
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 21:54:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash330253d1412f2bc019b9e616429bdd2c be98309fd772c5a0fd976917357ab64040e0e9ac 9d72de8f62383856d0bc595d03aec1f32430470cfe5528a53227fe8402a95432
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D72DE8F62383856D0BC595D03AEC1F32430470CFE5528A53227FE8402A95432"
Last-Modified: Sun, 11 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Tue, 13 Dec 2022 03:53:45 GMT
Date: Mon, 12 Dec 2022 21:54:09 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hasheb2d59cdcb72a43b02b054cf9a42ea71 f68a68d3536b42d96380bb43293cb8c901a78f11 ff76738f3b31ee3c799ede5cc438dd1375198a5d87b49a376071e171d527373f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4348
Cache-Control: max-age=162812
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:10 GMT
Etag: "63976b02-1d7"
Expires: Wed, 14 Dec 2022 19:07:42 GMT
Last-Modified: Mon, 12 Dec 2022 17:55:14 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:17 GMT
age: 1253
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashee19f96e42a0eca99d00c8d91f977c35 3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9 6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4294
Cache-Control: max-age=131055
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:10 GMT
Etag: "6396ef2b-1d7"
Expires: Wed, 14 Dec 2022 10:18:25 GMT
Last-Modified: Mon, 12 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 | 34.215.6.110 | 200 OK | 8 B |
URL HTTP/1.1shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 IP34.215.6.110:0
Hash29fc57841962e407cb50c1be60284bf7 ce968a77e2996da5eee8925182318f171ccdce47 ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Mon, 12 Dec 2022 21:54:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
|
|
| push.services.mozilla.com/ | 35.86.38.2 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.86.38.2:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QeZGjDdR0MhPU5VW4Dkbmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fMjmNL9fe/l5vAK7MZ6T7f1AO+U=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0f3dad0d025c4b6b8abd5d698f00cfbd 3a82ecac8709c7acd620316502a0e774ac3b1170 8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0f3dad0d025c4b6b8abd5d698f00cfbd 3a82ecac8709c7acd620316502a0e774ac3b1170 8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670878649293%22 | 35.241.9.150 | 200 OK | 22 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670878649293%22 IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (21675), with no line terminators Hash0a12f0cec348b0fd1421ddacdf0f4347 048b1bc1de8b280a24375d2f8e69096dba113444 5ee4953b3ec37e1803fe8fa9ead3cf92caeb656b4df0bdf107097684b3d84fc8
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670878649293%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Mon, 12 Dec 2022 21:02:21 GMT
last-modified: Mon, 12 Dec 2022 20:57:29 GMT
content-type: application/json
age: 3109
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22 | 35.241.9.150 | 200 OK | 8.3 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22 IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (8322), with no line terminators Hash7124adf8e0faebbc77b775185aaf3b33 aacce2c95e9e0c77a0d356fd948b3298937ef6c3 eec0a6dea45d80964aa28968deac9c4cc4190f7aeb28205a8448304499cc9c88
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 8322
via: 1.1 google
date: Mon, 12 Dec 2022 20:59:08 GMT
age: 3302
last-modified: Thu, 08 Dec 2022 18:37:21 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mNeKAmFtIhruR6sOXk321vde87DsAQ2908IMrUPt4yy04H3oW6G3+KsiVegYU27h2WjKTGWT+b4=
x-amz-request-id: DAVEKTE06BM4B3GF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 21:49:46 GMT
age: 264
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png | 104.18.11.234 | 200 OK | 22 kB |
URL HTTP/2www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png IP104.18.11.234:0
File typePNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data Hash7981da3a02a5756780c085f1f0c3fb19 7d1afa793be355b01b7fd2e50ba783204cbb1047 4ef88b4d9af615ce74727672a2a6600052d4a66b3ac52763c34545fc599fbb14
GET /files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 21767
last-modified: Tue, 04 Aug 2020 03:26:55 GMT
etag: "5f28d57f-5507"
x-map-context: sg
x-served-by: d-03
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b26fff68b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png | 104.18.11.234 | 200 OK | 22 kB |
URL HTTP/2www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png IP104.18.11.234:0
File typePNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data Hashfb3179b1bc6a0e16b7e7cdcec81a2dbe 2751107432076aca4bc2976374240e8f4b4f9c65 966920de5000bf33ff4b2ac41928716f8572053e53b894ab017143a59115cec6
GET /files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 21544
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-5428"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b26fff57b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png | 104.18.11.234 | 200 OK | 22 kB |
URL HTTP/2www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png IP104.18.11.234:0
File typePNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data Hashbd81aeb07c60b9be44a848d07fdcb044 ec650a2422feb29605fb94eed562f37cf35947f1 86d02a86afcc245d53be26b56b724eff30c90c0d9de1143fcbabc4943e67a5a1
GET /files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 22240
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-56e0"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b26fff5fb4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png | 104.18.11.234 | 200 OK | 71 kB |
URL HTTP/2www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png IP104.18.11.234:0
File typePNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data Hash578da5634cb60866130d1ec589afb392 8b2e75e1ad26cc368d4e8e243b8b5ed1674c7dc0 17164a0d41aa14cf37a0c0fc99cbdc4c496d91dd5015e1a488c2acb18a8c6c50
GET /files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 70868
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-114d4"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b26fef32b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png | 104.18.11.234 | 200 OK | 77 kB |
URL HTTP/2www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png IP104.18.11.234:0
File typePNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data Hash2f3dd28b519f2dca8c9e1c3951e1fef1 87a5cd0c89c018ee7487137943b86a7629900aa9 000f05262c894def5376da7f83f3771a1de7ec9babd5bb81d1dacbf58a9fb26e
GET /files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 76611
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-12b43"
x-map-context: sg
x-served-by: d-03
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b26fff4db4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png | 104.18.11.234 | 200 OK | 72 kB |
URL HTTP/2www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png IP104.18.11.234:0
File typePNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data Hashae5004d1c0d0f375f9d8ab4f2372edf1 d44167cb48e66c411d8439eb7d3a5538749c7329 c070523be8a4f81b4aeaf351744001d17e7883dd54b9fc4f5376a3ceffbf1e40
GET /files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 72459
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-11b0b"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2700f77b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png | 104.18.11.234 | 200 OK | 160 kB |
URL: HTTP/2 www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png
IP: 104.18.11.234:0
File type: PNG image data, 385 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size: 160 kB (159989 bytes)
Hash: a56dc40996d5413b2407ad228b34473f 5922cc501e4d244a37d33c58bb6518cacb5f98c0 273cb9ebfe1499aedb2cfe631024f0105a87db5b46de63e4b5e0e1a664d97be8
GET /files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 159989
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-270f5"
x-map-context: sg
x-served-by: d-03
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2701f86b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png | 104.18.11.234 | 200 OK | 58 kB |
URL: HTTP/2 www.vouchers-sg-51.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png
IP: 104.18.11.234:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash: a93eefeabd3f51a47c11f4ef085c216d cc6a9c3e55ffcfb4d4de4079f820aadf03c101fc a19953eea68cc0ddf20778a10207d79347742a4957ca7a17d36715ad36ab5c49
GET /files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: image/png
content-length: 57530
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-e0ba"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2700f73b4fd-OSL
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670868498453&_since=%221666279968541%22 | 35.241.9.150 | 200 OK | 55 kB |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670868498453&_since=%221666279968541%22
IP: 35.241.9.150:0
File type: ASCII text, with very long lines (55436), with no line terminators
Hash: 47223470b3e7808c95734e4bbd1bded7 036381c6e01f95c5cf343d221099fd64a73f00e7 3e1dde5ee8d5d3bf168546b39909e94e33a2b862dbb93d0a65d94b55cd46bee3
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670868498453&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 55436
via: 1.1 google
date: Mon, 12 Dec 2022 21:30:21 GMT
age: 1429
last-modified: Mon, 12 Dec 2022 18:08:18 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/wingame/50/js/sweepstake.js?2022-12-12.2 | 104.18.11.234 | 200 OK | 1.5 kB |
URL: HTTP/2 www.vouchers-sg-51.com/wingame/50/js/sweepstake.js?2022-12-12.2
IP: 104.18.11.234:0
Hash: cd2c2e6ba56fa3dae80c1ac8e1bf86bd 6919b65d9e81c277a40f2fc7ae97413b9c9af64b 8eb8ea910bcd253aa7ec970940a1ef9df5971ec88b0f06b907fd662d553d39b1
GET /wingame/50/js/sweepstake.js?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Jun 2020 08:52:50 GMT
etag: W/"5eddfc62-ba3"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fdf1db4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/js/scripts.js?2022-12-12.2 | 104.18.11.234 | 200 OK | 29 kB |
URL: HTTP/2 www.vouchers-sg-51.com/_global/js/scripts.js?2022-12-12.2
IP: 104.18.11.234:0
Hash: dbdab315d39922caf5c154c6339e6227 636e2e0cfabff93b581ebd609598d09890150416 7c66f312f15dc5b9867fc54bdfc23ace443e4365e47ffc4594c0920c136260a7
GET /_global/js/scripts.js?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Jul 2022 07:31:48 GMT
etag: W/"62d900e4-dd9a"
x-map-context: sg
x-served-by: d-01
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fcf0ab4fd-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 6d462d3e6bc6168ee30040355f8b96ee 7578100cefe27a95fc25fa11481d78353185a9f0 7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vouchers-sg-51.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 440417
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1670864154336&_since=%221657747510534%22 | 35.241.9.150 | 200 OK | 1.9 kB |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1670864154336&_since=%221657747510534%22
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (1870), with no line terminators
Hash: 3f4f9c4f83d779d53337d74ee16e9fb3 99f1eb7c1b4fc78c3f7d2084a47bbbc080114aa7 5df090a4493f38f761496807ba054b8f48ace10b459739ca1079d8e9a52e8050
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1670864154336&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1870
via: 1.1 google
date: Mon, 12 Dec 2022 20:59:08 GMT
age: 3303
last-modified: Mon, 12 Dec 2022 16:55:54 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 6d462d3e6bc6168ee30040355f8b96ee 7578100cefe27a95fc25fa11481d78353185a9f0 7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 21:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 | 35.241.9.150 | 200 OK | 1.5 kB |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash: 60aff2c76d83b244d81d756641018f0a baf1ab10d05ecfa5499ed6b5d9852ab843037e0e cfeca2c493d5d5342e1fb3689e562c8725a8f72b806998596354db5a2e7fbf87
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Mon, 12 Dec 2022 21:28:33 GMT
age: 1538
last-modified: Mon, 12 Dec 2022 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670630464513&_since=%221666483264567%22 | 35.241.9.150 | 200 OK | 55 kB |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670630464513&_since=%221666483264567%22
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (55266), with no line terminators
Hash: 5d2fb5722e6042a1560c246186743a70 726069d7106d0c0e4062969f77be7d2f6fd6aff1 77246389c44e20939ee5db84acddf57176e58c5b8e11764b860c191c631d0de5
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670630464513&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 55266
via: 1.1 google
date: Mon, 12 Dec 2022 21:42:43 GMT
age: 688
last-modified: Sat, 10 Dec 2022 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg | 104.18.11.234 | 200 OK | 1.2 kB |
URL: HTTP/2 www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg
IP: 104.18.11.234:0
File type: PNG image data, 100 x 30, 8-bit gray+alpha, non-interlaced\012- data
Hash: 138269e0d78814c79c96bde6916e21a1 b044fd802f0e648fd22c19bae34a9dcf49a91c56 a7d53245b9c0e48179a6c4a7bc87df311e2fb325ff7c9e018d2e33d5dc518f8c
GET /files/web/sponsor/_logos/logo1_229_1378106311.jpg HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: image/jpeg
content-length: 1194
last-modified: Mon, 02 Sep 2013 07:18:32 GMT
etag: "52243bc8-4aa"
x-map-context: sg
x-served-by: d-01
expires: Tue, 13 Dec 2022 21:54:11 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2725a23b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_27_1343995230.png | 104.18.11.234 | 200 OK | 2.6 kB |
URL: HTTP/2 www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_27_1343995230.png
IP: 104.18.11.234:0
File type: PNG image data, 80 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash: 55b41c6934b3eff9839a40bf998099fc 83e0eeee1ad4d9347e675aacfa05dc286d37d3d8 e1f1d92ff6f91a4fd00415f1ba16805170ea4d9cc7a9a5503e686bd14593aaad
GET /files/web/sponsor/_logos/logo1_27_1343995230.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: image/png
content-length: 2601
last-modified: Mon, 13 Aug 2012 09:16:31 GMT
etag: "5028c5ef-a29"
x-map-context: sg
x-served-by: d-03
expires: Tue, 13 Dec 2022 21:54:11 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2725a21b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg | 104.18.11.234 | 200 OK | 13 kB |
URL: HTTP/2 www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg
IP: 104.18.11.234:0
File type: PNG image data, 100 x 30, 8-bit grayscale, non-interlaced\012- data
Hash: 3b6ff1999a66922904b1c6b8ad51fc00 d1d919cec99f63fa2048e87d9ff4dd7173238abe c897745d331defcc9183d25af5ece629fc535f492f6b009d42a90f0dc5ef0c26
GET /files/web/sponsor/_logos/logo1_441_1490784069.jpg HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: image/jpeg
content-length: 12940
last-modified: Wed, 29 Mar 2017 10:41:09 GMT
etag: "58db8f45-328c"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:11 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2723a02b4fd-OSL
X-Firefox-Spdy: h2
|
|
| static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js | 172.67.71.184 | 200 OK | 56 kB |
URL: HTTP/2 static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js
IP: 172.67.71.184:0
File type: ASCII text, with very long lines (65491)
Hash: daac3368172a096867f1e0a888f2942c a6a7aa5f5c0c071ac10fd44720bc94fe6b18c4b2 c5ac173098997967f6022f5725131f78ffcdc5d384225a1126c382ae57d13910
GET /channel/loader/3zxL2HhGxKQQZYwsP.js HTTP/1.1
Host: static.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
x-amz-id-2: kOmNlQ8hQ/MAYlSw1RNX/itg58DorumEwEBEKK//PULpcTnywgP1we3AigwPXBpC4DO9p77sPKs=
x-amz-request-id: 2V6SK9JRB4NGPT18
last-modified: Sun, 11 Dec 2022 00:03:07 GMT
etag: W/"e2b84f43e67a9e202870f859cf663e37"
cache-control: public, max-age=21600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfvpATVS9jq3yWx7uMkxDOaS3BOd0G%2FPUMadO2741T96Yy%2Bs7ErxJTc9%2BenLxvchWu2iAgvKlVxaFGEUnj9KpjA9Oqjmbbs88LP9HEAlvL4JphuJfDHeaMgLKunNG8trlFEWQ3BcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b27079c9b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_542_1450867072.png | 104.18.11.234 | 200 OK | 1.3 kB |
URL: HTTP/2 www.vouchers-sg-51.com/files/web/sponsor/_logos/logo1_542_1450867072.png
IP: 104.18.11.234:0
File type: PNG image data, 100 x 30, 8-bit gray+alpha, non-interlaced\012- data
Hash: f482011337a1fd30d43c4c16fd6fae99 42b84caf4bee84f5e6bc2799d47ed421c0afa5ee 1491ba98acf990484c8a649bfb0f7bc6fe24c676463c76e93d418ca24ce145a3
GET /files/web/sponsor/_logos/logo1_542_1450867072.png HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: image/png
content-length: 1302
last-modified: Wed, 23 Dec 2015 10:37:53 GMT
etag: "567a7981-516"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:11 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2725a26b4fd-OSL
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 | 35.241.9.150 | 200 OK | 1.7 kB |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash: a4052b022cb93eb55aabe7cb67679df3 901bc58019c1c287782342cfcb9ad01ba4fa8657 959141ba846caac38284518837678def1e8c7d372a3b946a6c3e85ae5bfed470
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Mon, 12 Dec 2022 21:12:52 GMT
age: 2479
last-modified: Thu, 08 Dec 2022 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg | 104.18.11.234 | 200 OK | 27 kB |
URL: HTTP/2 www.vouchers-sg-51.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg
IP: 104.18.11.234:0
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x603, components 3\012- data
Hash: cc26fcca4a111a7607dbbc38d85f8bc0 067658a2e35d6d23d84795e0dfe2560051c493f0 5f3f5bf2b2567a61e56f292ceac28e5283dac84e983754e0e3e75c093e5cad9d
GET /_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: image/jpeg
content-length: 26983
etag: "3869087883"
last-modified: Tue, 12 Nov 2019 02:07:13 GMT
expires: Tue, 13 Dec 2022 21:54:11 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2725a24b4fd-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP: 104.18.32.68:0
Hash: fe5c50a76f4dcc706e43c0d6d469fdd2 d3f5bb89c0c997f3349678cdd2ab0fc43332c1cb 04ce917c21da2c3833baa3e84d83b21e5b5367d690d6afc203f3b0f6ca54e652
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 21:54:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 12:45:38 GMT
Expires: Sun, 18 Dec 2022 12:45:37 GMT
Etag: "d3f5bb89c0c997f3349678cdd2ab0fc43332c1cb"
Cache-Control: max-age=484885,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7789b2744d5bb4fd-OSL
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 | 35.241.9.150 | 200 OK | 935 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash: fc59df2a1ddb194b9927e1bd05da82a5 54ae083c87343de5c5082cd16f6e4ec8e45769bc cb645a2b572db86fddd92d7b4f54c55f1cb6ecada044fff5b5aea30e7df875f4
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Mon, 12 Dec 2022 21:12:31 GMT
age: 2500
last-modified: Wed, 07 Dec 2022 15:06:39 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 | 35.241.9.150 | 200 OK | 682 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash: 730583ac85dd27656bad88150567d34a c05375ce2016cc335fffbfc76974348032951545 07ef5576f95557ec9f756e4ddfba277e3308d897c86ad5bc9dcd6e8e7270fb26
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Mon, 12 Dec 2022 21:09:54 GMT
age: 2657
last-modified: Mon, 05 Dec 2022 16:36:54 GMT
etag: "1670258214122"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| detectportal.firefox.com/success.txt?ipv4 | 34.107.221.82 | 200 OK | 8 B |
URL: HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP: 34.107.221.82:0
Hash: ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 12 Dec 2022 12:42:55 GMT
Age: 33076
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
|
|
| api.cleverpush.com/channel/optin-visitor | 104.26.14.31 | 200 OK | 20 kB |
URL: HTTP/2 api.cleverpush.com/channel/optin-visitor
IP: 104.26.14.31:0
Hash: b7f2828e87f4d54cb86892e1a8c39b90 9d7582853b3655bd690328dfd41eb80670bc141c 743bcc7fa784313c0018a8e2e0689b45227b34f6cf793c4aefded72b188af6fa
OPTIONS /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vouchers-sg-51.com/
Origin: https://www.vouchers-sg-51.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7Ad3CrgU28Uurfacj0xenaUWx2Q%2FfvV3LtoZO1GYKDJUtUtL30zozNOA9UMAmKYEILEvSRjIPb4I7OwSz441MsT0sTBtGE5TxNEEfWSn3fPxesTiUpKnBD8LLHLiM1L%2B9wtiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7789b2761b81fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/wingame/74/css/series.css?2022-12-12.2 | 104.18.11.234 | 200 OK | 27 kB |
URL: HTTP/2 www.vouchers-sg-51.com/_global/wingame/74/css/series.css?2022-12-12.2
IP: 104.18.11.234:0
Hash: aad3826028e4e9e1433225ecddc12549 0802ecca9ae7b19ecf742236c4e52706f5329369 a714c1f97744ab11c7dc57b8c6cb5b4c83213d063c53987350822cd82d334ebf
GET /_global/wingame/74/css/series.css?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 09:50:17 GMT
etag: W/"625e85d9-616e"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fceeab4fd-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884 bb6e2205661434f2eb8964f59b8f0d950c11ba0d 48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11019
Expires: Tue, 13 Dec 2022 00:57:50 GMT
Date: Mon, 12 Dec 2022 21:54:11 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe abf58087f0e345202da088238daea85d177b431b f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wk9BI6v5Q6COMKhEiVyGW07a43hO-gddJZdFGb-Miu4LuOa7azKqyQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:36:02 GMT
age: 83889
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61696fbb8743437b191c7141bc43228f 9f3da5618cd81d8b94b89a38860b5ea0e677b181 e299f7842035dfae92b63c388613da806030c9e70f6344dd0c8e9176baa2a671
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: e718a827-339f-47c3-ba93-870818e8be5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83b3HgvoAMFiwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639505e5-6d9ec8a939af617b7ce5f3ed;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:19:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5YmFEB4u4FakAcTVYzxgtp7S4SpMQirzSC4njjh97hFX6v8iPkUCVg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 23:15:34 GMT
age: 81517
etag: "9f3da5618cd81d8b94b89a38860b5ea0e677b181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show | 104.18.11.234 | 200 OK | 9.7 kB |
URL HTTP/2 www.vouchers-sg-51.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show IP 104.18.11.234:0
Hash cc301d52ed615f5b1ac5f3f820484644 761d35d4de2474f5ed91a3440dbe9b4f37db7eba 96bfb7389229699fe08af173fa3385655b4309398285e1680344fa4fc6b18283
GET /cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: text/html
x-map-context: sg
x-served-by: d-02
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7789b275ef9cb4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3bd4c12-e778-472e-ac9c-d2cd99425501.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3bd4c12-e778-472e-ac9c-d2cd99425501.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f885add3e7cb373da8fbb0e773b169d0 b5d9aea1fcf2c7139710dd8b1cf06f595f59e3a2 8e527efa846977908cbf1b9b82f6a09fc84a512f62286c5ef4410b6ffd76d3cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3bd4c12-e778-472e-ac9c-d2cd99425501.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 3f7210b8-b010-4d13-9ea2-ab331dfb6700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0rHIHhjoAMFixQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391befa-090c90f7543e16cb678e0524;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 10:39:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USIXU8S44hzxs_HMcUDEwyxD-DkuIxUBtawh1uMo4p_7PGLMSwewLw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 07:44:31 GMT
age: 50980
etag: "b5d9aea1fcf2c7139710dd8b1cf06f595f59e3a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 554fa9188556c1f0dac094819827a9e9 71c7162977f3ff9baf295d684ad45ab394ba33f2 910391e3686ed9314b09693500ccd41995efcdef8d2f4df7eb4c327f2eac2eff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12503
x-amzn-requestid: 805024f4-b82a-4a3d-b0ef-045572febf05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWeeG2lIAMF3vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-358be30b5b63c8bb5248871d;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XiL6HKsj9KMDsukD4kroJFGBFTKJd002Jr8xTDkjXKS8b_lOokLAyw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 759
etag: "71c7162977f3ff9baf295d684ad45ab394ba33f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/wingame/global/js/global.js?2022-12-12.2 | 104.18.11.234 | 200 OK | 5.0 kB |
URL HTTP/2 www.vouchers-sg-51.com/wingame/global/js/global.js?2022-12-12.2 IP 104.18.11.234:0
Hash ef4cbe3aaecf5c52a6a2fb2af46d770c 5b8ea475d7a89995744808de2eadde183fc9af2a 4a63d2f8c478d375968d644ed11fe91366ecfb944477b58f4e21e1df697dda0e
GET /wingame/global/js/global.js?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 09:57:38 GMT
etag: W/"5ec3ad92-1ef"
x-map-context: sg
x-served-by: d-03
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b26fdf0eb4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-12-12.2 | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-12-12.2 IP 104.18.11.234:0
GET /_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 18 Aug 2016 09:52:51 GMT
etag: W/"57b58573-71c7"
x-map-context: sg
x-served-by: d-03
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fbee0b4fd-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,700 | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700 IP 142.250.74.106:0
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Dec 2022 21:54:10 GMT
date: Mon, 12 Dec 2022 21:54:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/wingame/50/css/sweepstake.css?2022-12-12.2 | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/wingame/50/css/sweepstake.css?2022-12-12.2 IP 104.18.11.234:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wingame/50/css/sweepstake.css?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 07 Nov 2022 14:24:35 GMT
etag: W/"63691523-183a"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fcef1b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/favicon.ico | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/favicon.ico IP 104.18.11.234:0
GET /favicon.ico HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: image/x-icon
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-10be"
x-map-context: sg
x-served-by: d-04
expires: Tue, 13 Dec 2022 21:54:11 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789b2744d5fb4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/confirm-alert | 104.26.14.31 | 200 OK | 0 B |
URL HTTP/2 api.cleverpush.com/channel/confirm-alert IP 104.26.14.31:0
POST /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vouchers-sg-51.com/
Content-Type: application/json
Origin: https://www.vouchers-sg-51.com
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWYOEQiJDv8Gm95htcnGkjzM6xuIq8LV7zt2jF%2B%2BJFflmYVh2W14NcJ%2FWgA1HT5Mxup211hxVaAKv7ixvzSwUUoCh59f3xWd43azDKVdPTYsV29SqL3PgVLfzWsBMdHbAbZa%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7789b2768c0ffabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/css/default.css?2022-12-12.2 | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/_global/css/default.css?2022-12-12.2 IP 104.18.11.234:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_global/css/default.css?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 18 Feb 2019 07:52:24 GMT
etag: W/"5c6a6438-10e7"
x-map-context: sg
x-served-by: d-01
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fbed7b4fd-OSL
X-Firefox-Spdy: h2
|
|
| sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.vouchers-sg-51.com | 159.69.145.0 | 200 OK | 0 B |
URL HTTP/2 sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.vouchers-sg-51.com IP 159.69.145.0:0 ASN #24940 Hetzner Online GmbH
GET /iframe?origin=https%3A%2F%2Fwww.vouchers-sg-51.com HTTP/1.1
Host: sgapac.mycleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
x-backend-server: cleverpush-worker-3
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/wingame/74/js/series.js?2022-12-12.2 | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/_global/wingame/74/js/series.js?2022-12-12.2 IP 104.18.11.234:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_global/wingame/74/js/series.js?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Nov 2020 12:42:01 GMT
etag: W/"5fbe5119-3e54"
x-map-context: sg
x-served-by: d-01
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fdf13b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-12-12.2 | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-12-12.2 IP 104.18.11.234:0
GET /_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
etag: W/"5a059201-15e64"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fcf08b4fd-OSL
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/optin-visitor | 104.26.14.31 | 200 OK | 0 B |
URL HTTP/2 api.cleverpush.com/channel/optin-visitor IP 104.26.14.31:0
POST /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vouchers-sg-51.com/
Content-Type: application/json
Origin: https://www.vouchers-sg-51.com
Content-Length: 54
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29tR%2BX6%2BDDZrlpToqDvS3mCs9fkLIWxgFMyM116%2BWvKbvh3SRrlCcGSinnebYS0ZlHlm3lqXhXhZFwqHVqJmrUWRthdXsFqU1S9dk30pPJxgkAMlQfe1TijP6LLQCOM9mU0JHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7789b2768c07fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/cgi-bin/wingame.pl? | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/cgi-bin/wingame.pl? IP 104.18.11.234:0
GET /cgi-bin/wingame.pl? HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: text/html;charset=UTF-8
x-firstpage: 1
x-page: pregame
x-map-context: sg
x-served-by: d-01
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7789b26b2f6eb4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-12-12.2 | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-12-12.2 IP 104.18.11.234:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_global/wingame/74/themes/black_000000/css/theme.css?2022-12-12.2 HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2017 08:06:31 GMT
etag: W/"5a265387-25ef"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fcf03b4fd-OSL
X-Firefox-Spdy: h2
|
|
| www.vouchers-sg-51.com/files/web/sponsor/_sponsoren/script_50.js | 104.18.11.234 | 200 OK | 0 B |
URL HTTP/2 www.vouchers-sg-51.com/files/web/sponsor/_sponsoren/script_50.js IP 104.18.11.234:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /files/web/sponsor/_sponsoren/script_50.js HTTP/1.1
Host: www.vouchers-sg-51.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vouchers-sg-51.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 21:54:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 08:39:05 GMT
etag: W/"6360db29-fbf"
x-map-context: sg
x-served-by: d-02
expires: Tue, 13 Dec 2022 21:54:10 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 7789b26fef2db4fd-OSL
X-Firefox-Spdy: h2
|
|