bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
200 OK 3.0 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1216)
Hash 2e59a69bed1d817926f29d14b1832547
6890c382f86fbc00ec43dbc79f58428b67b23ed3
36ac5816801079eab01b33e68397b66ef5f9f7631f03bb66bcdc2da382cd1c29
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5 HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:57 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 26 Oct 2022 23:51:38 GMT
ETag: W/"d0449c95b72756923b919bcbe8981072"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ONu7Lh1Pr-sHWwxVUUvN8enPPLUTNAs5_ZywShpsMXHBvhgemKSz9w==
Age: 31522
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4284
Expires: Thu, 27 Oct 2022 09:48:23 GMT
Date: Thu, 27 Oct 2022 08:36:59 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=95794
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 08:36:59 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:13:33 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: max-age=95794
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 08:36:59 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:13:33 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2683
Expires: Thu, 27 Oct 2022 09:21:42 GMT
Date: Thu, 27 Oct 2022 08:36:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Qgqy9EE1eSEAurx91GLnP3o1VRV9wRgTWTzgaGFdzA7D7kc7a1BhAQjxvAzBYFT4hp7b0z0Q1qY=
x-amz-request-id: Q91XFVCG2YT6RKV5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 08:09:45 GMT
age: 1634
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/css/landers/pick-a-box-social/app.css?id=58535516c708af701ac4
200 OK 729 B URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/css/landers/pick-a-box-social/app.css?id=58535516c708af701ac4
IP
File type Unicode text, UTF-8 text, with very long lines (1727)
Hash b3363985a9892c57cc9a0761fcd1b2e2
73930ed550441109004d4320ed90c7c391cb0c17
ed76512c9612fd5ef869ae1a717c2181b193c4279a514b1ff0c6ca677d3a3416
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/css/landers/pick-a-box-social/app.css?id=58535516c708af701ac4 HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:30:13 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 26 Oct 2022 21:34:54 GMT
ETag: W/"58535516c708af701ac4241a22d1426f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 43THnmtLslQTxdHJ0ADpOfpwSyc_2-ZDXmiJKouRQnc7EwmUnAC4Zw==
Age: 39726
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/js/app.js?id=d75b4cfe9b4f0f2f3a56
200 OK 7.0 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/js/app.js?id=d75b4cfe9b4f0f2f3a56
IP
File type Unicode text, UTF-8 text, with very long lines (18544)
Hash 6f48c1a3d7f85b67a15de9e4f67d3b8a
5c1d69790b2e0232406639e80fbe8e84467700fe
6464eae0ffe31f4dc11eac685f67166f170a56da2e90399d50c956c78fb681ee
Analyzer Verdict Alert fortinet Phishing
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/js/app.js?id=d75b4cfe9b4f0f2f3a56 HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:30:01 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 26 Oct 2022 21:34:54 GMT
ETag: W/"d75b4cfe9b4f0f2f3a56f5dad32d6c7d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fR7U51m6Sn2NvR4lSsFZ-0d6Xfdp3-pkkWyLOkgKnEnwg-4gqssdyA==
Age: 39726
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 08:36:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/css/app.css?id=2fbe2d9a9a40ca9b2489
200 OK 69 B URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/css/app.css?id=2fbe2d9a9a40ca9b2489
IP
Hash 2fbe2d9a9a40ca9b2489f46d1b5520c1
a8b5e5629deabf1912d969b4036ed3c9159756bb
94d8599586a5ee9c62dc15b45ca083b69d060d0c12bf2be3673b19a9820216ea
Analyzer Verdict Alert fortinet Phishing
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/css/app.css?id=2fbe2d9a9a40ca9b2489 HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 69
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:30:00 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:54 GMT
ETag: "2fbe2d9a9a40ca9b2489f46d1b5520c1"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9L5Qn-eHT3dU4M8X3FIC0QsaJN91kZmzWgs1YyMvNkpkE2VH-dy_IA==
Age: 39726
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/js/landers/pick-a-box-social/app.js?id=428f0f9055a1cd22932b
200 OK 160 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/js/landers/pick-a-box-social/app.js?id=428f0f9055a1cd22932b
IP
File type Unicode text, UTF-8 text, with very long lines (65441)
Size 160 kB (160398 bytes)
Hash 7ccd43903aaf2bf3ec40b8d115c0083a
27a09e856a0ce6860ff7b26b6f80a26a5bdaac61
01e3157465c003a50f208aa36e20adc46c82f6c75607e52b5b8d030784d758ac
Analyzer Verdict Alert fortinet Phishing
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/js/landers/pick-a-box-social/app.js?id=428f0f9055a1cd22932b HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 160398
Connection: keep-alive
Date: Wed, 26 Oct 2022 13:19:52 GMT
Last-Modified: Thu, 08 Sep 2022 12:29:44 GMT
ETag: "7ccd43903aaf2bf3ec40b8d115c0083a"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MJPu1msRRanOW4Aw2NsAKKops2-9Qjnh8hx8L-LKNB6OhNd3_Yq7MQ==
Age: 69428
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/caucasian/female/3@0.25x.jpg
200 OK 2.8 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/caucasian/female/3@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 8196857e051c12bf3fbc80c5d2706f77
6c5b5053cade51a1c872fd0fccd6425cac4654ad
e7da422e27935176f348741986684bb7579b8f27b00d5e740c0b205f35fd382a
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/caucasian/female/3@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2833
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:52 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:55 GMT
ETag: "8196857e051c12bf3fbc80c5d2706f77"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E4bFl564teiBDVJk6woOl7IL80DnBU4OMIZ7f2SPP1zEX7HViz-VOw==
Age: 39725
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/african/male/3@0.25x.jpg
200 OK 2.5 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/african/male/3@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 2c188d082f97b0a5b29c92dbaf7a9787
f2a3828b68ba4d06d450832a977c48a22360d5eb
afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/african/male/3@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2518
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:52 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 12:41:08 GMT
ETag: "2c188d082f97b0a5b29c92dbaf7a9787"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2u_5spRc4NCQGYv_RyBKg4YvK90_KTCNNEIyqoETdeF4OEMkfPSCQQ==
Age: 71752
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/male/10@0.25x.jpg
200 OK 3.0 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/male/10@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 390755a283a0da8232218f8719ebdad5
92111467bdb41c07fd6445c6b9902a3f561a2a98
a02e6f89cbc5edf694235fa84727b8700584391f39b2163886bcd3a81c9ab9c6
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/male/10@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2962
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:55 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 27 Oct 2022 04:37:53 GMT
ETag: "390755a283a0da8232218f8719ebdad5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WJ6CvPpmASkF-TPZ_2-u07OeliW9_5omEKIBDAblEiVlgjqXFOCnWA==
Age: 14347
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/female/6@0.25x.jpg
200 OK 2.9 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/female/6@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash ec3ed635f252fdb394d3f82d331d002a
8c87b61cd87f3f11f490293e7af3133b37535813
2a5922fd5c4b7fe191b1e97f675da62a3913286abfaf8c3b9aa94b27f9c791a8
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/female/6@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2892
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:54 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 23:13:50 GMT
ETag: "ec3ed635f252fdb394d3f82d331d002a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hM-S0HgZk8fr_bhGymHi1Xs_A2Qru6boL5IvQAlrYdhJOKynTx5YGA==
Age: 33790
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/prizes/iphone-13-pro-max/proof.jpg
200 OK 11 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/prizes/iphone-13-pro-max/proof.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 339x450, components 3\012- data
Hash 7b6d25111cac703c404217e5181fc0de
fe3af81606435e5e126e892dbf0cd2f9a22682d3
9fcc09d45877ae7af8f5e23e9b987e7aca5fb7f40252131c0c9b0e7fb51f9283
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/prizes/iphone-13-pro-max/proof.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 10925
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:43 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:55 GMT
ETag: "7b6d25111cac703c404217e5181fc0de"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bs1k0_6RIiVFq2N4z4o8qV-vCse6H-w62w0UAC5-aptPrylF86QBhg==
Age: 39725
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/box-back.png
200 OK 4.4 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/box-back.png
IP
File type PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Hash db3b11f5d1e63ab5cff38325a6838e30
de1b589b476ea0637b53a2518d907672129e475e
b7b2ade626172fac35fe40f5b3455760d639f933aea3b8f926d9d5f5f0f202e9
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/box-back.png HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4418
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:30:14 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 12:41:08 GMT
ETag: "db3b11f5d1e63ab5cff38325a6838e30"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IprCG0G4thexpAUv4KFtFxKoENvr57A7J6ACe3aa-JkeVvzg1qCMCQ==
Age: 71752
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/male/9@0.25x.jpg
200 OK 2.5 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/male/9@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash bcb23efbd2af0f7b987a3fb1371fb2b9
a4e569ab554784748cfbd3d76b6eeba481f05c01
23a399abbbf589b9e2007712d9ee331dc0b459b8e3b53c12d20c41a16fe04c2e
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/male/9@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2452
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:55 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:55 GMT
ETag: "bcb23efbd2af0f7b987a3fb1371fb2b9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x2MlJFsiWAAvymNrpkJVetuUhAKpv9MNBEovN8ATbiY8MoLaP4tYzw==
Age: 39725
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/fb-like.svg
200 OK 2.1 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/fb-like.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4627), with no line terminators
Hash 6339f263a7bd6246056bda98ae188336
60b93c1930cef992fac533e306c6e1033f95e028
0068899ef50e4bcb1827c1ce475827d3d82e2ddd8a24e578a5c669a613aa7fa2
Analyzer Verdict Alert fortinet Phishing
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/fb-like.svg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:30:01 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 26 Oct 2022 13:02:20 GMT
ETag: W/"765203989756e91925e8f947e660b644"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qBaQ7i-69f8kwcc3A3Y2f5A2elJYyZGQdWlfO-80wKCxRMi-R9esIg==
Age: 70480
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/box.png
200 OK 7.9 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/box.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash a5059b7caccd2d52c8c4bf3e6fa48f46
09305daeea28184c2c30341906cb89cd4d576739
b8544e1ce51611695d27760d1042716e6a8413f7727b17a1cacf42b7ed6e249b
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/box.png HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 7946
Connection: keep-alive
Date: Thu, 27 Oct 2022 06:12:43 GMT
Last-Modified: Thu, 08 Sep 2022 12:30:14 GMT
ETag: "a5059b7caccd2d52c8c4bf3e6fa48f46"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZFDvN7VIa-xAJCqW4GdffS86brKtTTpU9k1POiqGjdsPjdIVre6Wuw==
Age: 8657
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/female/5@0.25x.jpg
200 OK 2.2 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/female/5@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 48b5da3206517deea12f7c5216033cc6
0a940b742941efc35887a35c46f48b1a47a70520
7a231fcdd18edb9e1688564e01e9f080d78fdcb9a086b56af26528bf66305a8b
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/latin/female/5@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2170
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:54 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:55 GMT
ETag: "48b5da3206517deea12f7c5216033cc6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bqPrWXO0n2jxspA_JZdyJZ-fVmAbIREGLxaOwyfcKA_hxA9i3cgXJA==
Age: 39725
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/african/female/1@0.25x.jpg
200 OK 2.8 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/african/female/1@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 9ef452251daa9ff9fbdc5fe827a35061
2cb40a02efce5fd8772f57b8e9737018fed3f9ba
355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1
Analyzer Verdict Alert urlquery Scam / Brand infringement
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/african/female/1@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2781
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:51 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:55 GMT
ETag: "9ef452251daa9ff9fbdc5fe827a35061"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2AGkISr-PmwHnMmnsPsnGYo_qbemiPBuRbqOzOuMW7JPKNwpc6NUuQ==
Age: 39726
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/caucasian/male/2@0.25x.jpg
200 OK 2.4 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/caucasian/male/2@0.25x.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash bfc6eca6ea03a0dae038e42188616d92
d8b88015604798d901a5929a2331e7f581baecfe
ac8b3a49e5e511cb0d40f376c87216e5116ec0f85a6de30e157e0fdf45fe7acd
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/profiles/caucasian/male/2@0.25x.jpg HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2359
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:53 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 21:34:55 GMT
ETag: "bfc6eca6ea03a0dae038e42188616d92"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -fOm4v7jcwupooikcHbV8rh7bkdLHZm38-p6Nr0JG4CGd-ADWrvGjA==
Age: 39726
bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/lid.png
200 OK 4.1 kB URL HTTP/1.1 bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/lid.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 82be992501561937744072b2afafce52
5172ff66669438c56458c41ada7b4c9b5609eac8
abb37b2e76bca226fbfdf76939c681a191f17d6c5052a933b76ad1676e1c5c58
GET /tc/fr/sweep-com-fr/pick-a-box-social-lander/img/landers/pick-a-box-social/lid.png HTTP/1.1
Host: bigwinstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/tc/fr/sweep-com-fr/pick-a-box-social-lander/index.html?cep=DGCn9JvBAgqAYl-SDiXgpd6RpPUKaAg2XJxWhdWOwfMAaw9Vbl_iOoGsvIrCPW6ZlTxDnqkCRjQYjs2f-FphKV1eLO3K6vRebRd65VU5YMH1DWaAWarOufco6GdKPflmosnSTFU3jIsunoxSUffwEqivO-0COiyNwk2MzuGYECIuJBDIzjGrjNEyylkduR_s5kHVHz5KWuO8k6RwZgFBqmPMK7tjL7WApqFQglmyCmzW36GMnGraJYnmy4AWbt00TZkZBx5EDplVeZ_M6nxt6UeFMgXzGTtrQBG7-wqdzc3_xloICnSdNCdEWhrq8Licohmq3aazp4xNzfVr4iofO4BQkuWJtNT3cy6IpmJ1w2_UFq8INuGhslYMyanX2h4e&lptoken=16df668f8601168600c5
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4090
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:29:42 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 26 Oct 2022 12:41:08 GMT
ETag: "82be992501561937744072b2afafce52"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V4iFwdDasJKgn4-wXoutoFCsFtZFV_dTlqfYR9abnNp7yKr1cIfp9w==
Age: 71753
ouphouch.com/pfe/current/micro.tag.min.js?z=5125495&sw=/sw-check-permissions-57516.js
200 OK 26 kB URL HTTP/1.1 ouphouch.com/pfe/current/micro.tag.min.js?z=5125495&sw=/sw-check-permissions-57516.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5915e62bd6dd3c566873fc60daef1e04
54aee4d378fd01598e077499a078e586c648a202
acaa4ad7aa6de7db5f46a50dc0f61046094f4a08c977ebd145eb1efef83e45c1
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/micro.tag.min.js?z=5125495&sw=/sw-check-permissions-57516.js HTTP/1.1
Host: ouphouch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bigwinstoday.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 08:37:00 GMT
Content-Type: application/javascript
Last-Modified: Tue, 25 Oct 2022 09:56:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6357b2e8-12763"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4486
Cache-Control: max-age=89073
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 08:37:00 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:21:33 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FwzQ1TFaZ1Lw+iUnYpTSpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /DJ9xnVlKeOq2FUmePhrUN8++Kg=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5775
Expires: Thu, 27 Oct 2022 10:13:16 GMT
Date: Thu, 27 Oct 2022 08:37:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5775
Expires: Thu, 27 Oct 2022 10:13:16 GMT
Date: Thu, 27 Oct 2022 08:37:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 262ee317a7d41424cef3f541f6e538d3
1c298c901f93a95e99bdc63259f415ab84a13783
c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5775
Expires: Thu, 27 Oct 2022 10:13:16 GMT
Date: Thu, 27 Oct 2022 08:37:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e307787eef6193fe4988367feb5e07d9
f50d8270aeb43fb15457d961f925cf2b38060240
d69ba1c958614a831462b81a046bb6a59e353db0b63d23b060b84df124057452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9256
x-amzn-requestid: 25249b1e-6ef4-432c-b370-a645259c0727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoeDVHAyIAMFo9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359aa15-73f252de0cc8d8246183f658;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:43:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YEDioWdLIYVSdc9xH-DHZtrdqy49XJmzCgvD0saNYaIO27qaUVnMJQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:21:24 GMT
age: 36937
etag: "f50d8270aeb43fb15457d961f925cf2b38060240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaba0c7d-aba9-4d63-b7af-fb5906364567.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaba0c7d-aba9-4d63-b7af-fb5906364567.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c546f97a46d3d5b4d0f14a25740e85f3
e33797cbaf946b0b87b61649de8f58d154d3142e
9f894b89727c98bc85db280efa60c126480cf54f3572816ecd0baaa3fc3939a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaba0c7d-aba9-4d63-b7af-fb5906364567.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9573
x-amzn-requestid: 090c9787-04c7-4a35-8a6d-bfed94af69c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZRvNGrKIAMFnAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63539661-53eec558300f7d221d1c9f04;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:06:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EMF1jGddgrObVwvtjVvZMowdi-nz4tW4Rp3cQ--HXT0V9Ss77JOuWQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 09:09:58 GMT
age: 84423
etag: "e33797cbaf946b0b87b61649de8f58d154d3142e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e0b7c1-7017-4894-9761-828cb604f9fb.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e0b7c1-7017-4894-9761-828cb604f9fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25429df1160d8d6476ac5e0f0200934b
9218388d9ff2c7f1b38c71c8828146e62082b473
eea6fec35bce9dabe19a536f5f46b2b5de73521f3ffd95de8e515aa79cf714bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e0b7c1-7017-4894-9761-828cb604f9fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5187
x-amzn-requestid: e46cca29-67b1-489c-ab26-fd51847523ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocufHQJoAMFg7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-5189da342daf42831d51034d;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -YlsaCqcr22sKngaylJdwlPb2R12YTdExZ8o8O9NwP6p-uH7XN3Ykg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:48 GMT
age: 38773
etag: "9218388d9ff2c7f1b38c71c8828146e62082b473"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:52 GMT
age: 38769
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:09 GMT
age: 38752
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3emAUJej2kLKLs9Uq-3DvpzkUFvh_ZCtP-83SgiHBkAwaoWhnPBYUg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 17:28:56 GMT
age: 54485
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5022fcc54ece0a71c3ca9d0a78d446cb
74591c5a8adbe05965286f4636ddbf4f1fbfc753
a296771a57564bb5b2ffb9e56085729899fd6342259dfa96e4671aeade093c4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A296771A57564BB5B2FFB9E56085729899FD6342259DFA96E4671AEADE093C4A"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5055
Expires: Thu, 27 Oct 2022 10:01:23 GMT
Date: Thu, 27 Oct 2022 08:37:08 GMT
Connection: keep-alive
143.204.55.116
23.36.77.32
93.184.220.29