firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 12:43:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CstUUgQzNozwlsZkNTyAoZSRkzb6ytDdxr-0oyTN3keSiZ3cn6k3Hw==
Age: 642
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16985
Expires: Sat, 03 Sep 2022 17:36:48 GMT
Date: Sat, 03 Sep 2022 12:53:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5bYZ4NS03gc-_DIUpttGtw0RUezvwDPq-vrGsztEfDhYZOygEwiMnQ==
age: 41906
X-Firefox-Spdy: h2
www.bigspinrewards.com/cascaCOOKspinval01/index.html
104.21.72.251 200 OK 4.2 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/index.html
IP 104.21.72.251:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text
Hash df74fd3826a3f7109de4a420d2a15db7
df033d67c439b2da452547dbb28f3427c6e3b132
45a2e449ee3f97cc89295cd0a13866f1fa73b101803d4e21fd1ce823a49c9ea4
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/index.html HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:35 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glLaptxn%2FW0NFGGqN5eiSDHKOR0qw8kXWSWMsSWCNclIjjWC06IUfXd2wergQihKO6D3ZNiRiDkfvLwkf0CHp70eOXzzLfLOuDY8W%2BONbTEiwD0%2FtyRcc%2Br5u75gieA7AXQo4OWWNlVZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1415a2b0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 12:53:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.bigspinrewards.com/cascaCOOKspinval01/assets/font-awesome.min.css
104.21.72.251 200 OK 7.1 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/font-awesome.min.css
IP 104.21.72.251:0
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
GET /cascaCOOKspinval01/assets/font-awesome.min.css HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:43 GMT
ETag: W/"7918-5d66bf294536e"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW%2F7d4RcyerKOppHZfjUVTgf6UZAC%2FeoknkUi8rkvhpFNqVdHdXkD1gS5bicCQdQNa%2F5mGhGdIZLoMn0fYw15gHm5ts3g7i8KXaTI5jAH5Xmx9X2gigexZR6m7jMzsfsr1csC5mEouzl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1442a49fac4-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/bootstrap.min.css
104.21.72.251 200 OK 20 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/bootstrap.min.css
IP 104.21.72.251:0
File type ASCII text, with very long lines (65371)
Hash 79c26a3bec8c8195107cb0e69f211ea6
084edec110715186ed997205a4dc3db1c81f56e5
729259be1acde44ee426a5c1acde0512b16e534fdecfb022feebc7334c969029
GET /cascaCOOKspinval01/assets/bootstrap.min.css HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:41 GMT
ETag: W/"1d970-5d66bf277077b"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcUi5laNlsxqLeRLxKXX4zXAyqQNjMOoZxGn7FRbcNjwdQNPpVTmCM4kGYGxSRVm5Eqg%2Fn02KZSKx4PMm%2FSSGEH6uT5w5A9inqWnEKGw%2BjEyB%2B7BW5fTKs%2BHPK4%2Bk7gUDHThCvZ8Knqx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1442d6b0b31-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/app.css
104.21.72.251 200 OK 2.3 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/app.css
IP 104.21.72.251:0
Hash 3cf8934d7c76110c0ef806dc54b5ed72
85ab74ae0ca1a9d9cf8bd409dc7d6a4935f227e5
c09a50061f411a6cdffe730876beb1e6481c1435cc5f59fdd06a996a59f85244
GET /cascaCOOKspinval01/assets/app.css HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:40 GMT
ETag: W/"2cfc-5d66bf26c8800"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dae3VQcWTjxE%2Fz2jD4SoWsdbP26FwflHasGX5ZwpRpvMfE7H%2Fbh72l%2Bcj%2Fh49cLKUvYaxPgFhvblQ79vZxdV0Wi6Y3nNIRi%2B%2BTAhoBoLrbF1GfS2Jz%2F4Mp6AzT2lGNuVLmOUFLD9y6b%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1442da90b61-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 03 Sep 2022 12:38:16 GMT
Expires: Sat, 03 Sep 2022 13:38:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mS40z8VvoChf5KARbsfwOBxm3SKOKRnargXrm-OrefH-fiyI2D4GZA==
Age: 928
www.bigspinrewards.com/cascaCOOKspinval01/assets/css
104.21.72.251 200 OK 9.5 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/css
IP 104.21.72.251:0
Hash d0976ef52085c1f8ba2cced000ed329e
0d9941089f7ebdc69363015df65e3d94f50fc465
f4f7abcc0932fc063dd404250f0b0c3f093218b9af321bb221b247ae51121270
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/css HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Length: 9521
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:43 GMT
ETag: "2531-5d66bf29184b0"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpCJU9BznNIVKjKoprOvKvaYvX3tZBVkGRSUpvb5bbHMcO8k%2FLL84ViOsjgfeD76a850HbVqQWqGnUAAwKDOLuY51KoEmeY4eiITS%2Fj%2FWMYA5SjWQBfghDHSkREzd6OQ4cAMEEieaplX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea14429cab512-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/modal.css
104.21.72.251 200 OK 2.5 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/modal.css
IP 104.21.72.251:0
Hash df2d914c7083b63ad0485004959ca196
7e04c3dac7de038d9757b208e61e26a9a5e30515
f0a7da4cdfa44c576d6c6cecf070f06adf4ff1bbf2ba58bb2126f18a4f17d6ee
GET /cascaCOOKspinval01/assets/modal.css HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: W/"4718-5d66bf2a4ed67"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMXKVP%2FtjUJUgCs0SnpJIrhpP3G2QkBSbpJAFPoofFT6BxhH87TUEPsSexjFEbWHHdrvNp98jZoXPK%2FVE9G7keEjcIhp77MwdyzClLUd42INnbpoUQRtlhrPDWdzZ1qqaz8orRZhntqs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1442ee00b02-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/ProgressiveJackpotTicker.min.js.download
104.21.72.251 200 OK 970 B URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/ProgressiveJackpotTicker.min.js.download
IP 104.21.72.251:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1932), with CRLF line terminators
Hash b45c9b00b13f7295797f489847c01043
d0f1c46d606cbb1c8cf7942edde4bb3b8f521a1d
1dcbb9eff9ef90996c630dfd90519322992150618c86f895b71e068dae4cdfa7
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/ProgressiveJackpotTicker.min.js.download HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: W/"791-5d66bf2ac4064"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sX20p2GnEm7hdYXgiLJJJtS8jXuUUp0OTONM%2FMwCcfPfohbSbOoU3TSaDFchqgr5C42kRU04Jg6rURHtg5XabP%2FuKxTUsB3KiKnl%2BMBUUFKyQZLH2DgtwnmJHD2xihI%2FZ%2B63%2F3pzWTnn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1462f970b61-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/modernizr.js
104.21.72.251 200 OK 16 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/modernizr.js
IP 104.21.72.251:0
File type HTML document text; HTML document, ASCII text
Hash 9e591e8b9ac5f95b7fd1ea8dd64a9075
220a0a050773006af6188673501c1e4a487cf55f
8cebedb5c2afae5b5155f42fde8bedfcc8a4a16d9f9d9ba511d531594e0402f3
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/modernizr.js HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: W/"c897-5d66bf2a78d46"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xRKiVgpcG0tZQFM%2FuJTer2AWriFdCvXF6sVvy6uaCjblgOFCrGpmsLRMV4mnwH7cmaiD8W8JZRuPQ3Jkdadihi2FmJQfATomCJg1QuH0TSW6yEPoi%2FOmJTpWnd1j3Cye5o8QWson3VE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1442c40b506-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/bootstrap.min.js
104.21.72.251 200 OK 13 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/bootstrap.min.js
IP 104.21.72.251:0
File type ASCII text, with very long lines (48664)
Hash 01bed6a8d74a350cd71547190b7dd196
22a5ab8be4a5ea822ddbc7e0ed2fb8238cb1482b
6ac7adb2d8d8cecda9bd2512ecfd7352a991759e4530bd8a9e09e5d71025ca3b
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/bootstrap.min.js HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:41 GMT
ETag: W/"bf30-5d66bf280db17"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNk5ZBZ5RU6901Atxf%2FEIA%2FMuO%2FANmDFQKCYBI9YkySnkUcIxsG65EiVJcAAAYdWTTfmgPxr38LGlMZaFHRYMZOVPdJXPqLqOPOiO3fch2QSdjNXmGCbLzlzGpJd4oAf6W%2FqT4VidIYF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1462f310b31-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/classie.js.download
104.21.72.251 200 OK 679 B URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/classie.js.download
IP 104.21.72.251:0
Hash 1a5be8aeb4cbb0042187b878971199df
de61542f46bc1c5ec59d560b32b56c55f05399e3
e18de479f727203138a7623d14c63dd428bbcba3e76083089fbf862bb96f2619
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/classie.js.download HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:42 GMT
ETag: W/"72a-5d66bf2833c76"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2fL4ljhlDu5ovEsjnfqsB2cdxmnaGF3aR7fo0D%2FIDZ%2BOno1sSU3e971R58qY9UrYDFCystbWj0J63uUy6KnnxZJ4CaDHNQjtSbzMBZnDY3eObsWd7zWJDkvmPNyZivV3PXgtZx12HEC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1463c2fb512-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6092
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 12:53:44 GMT
Last-Modified: Sat, 03 Sep 2022 11:12:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.bigspinrewards.com/cascaCOOKspinval01/assets/modalEffects.js.download
104.21.72.251 200 OK 526 B URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/modalEffects.js.download
IP 104.21.72.251:0
Hash 74b1b0ca10f3cf1e3220bcf1b308c919
b02b7a404f12cd42f988f290a35ba07d7d64d089
3627aeee71f460d615995524b493d3912b508e38a5196a5e0624fa0018e027c3
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/modalEffects.js.download HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: W/"553-5d66bf2a76e06"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Ffg4yZlbOGNWrcYvRDE%2FvDp7QH0JXkDAii4qmBQ2fQwdXAeDQZQehqXUsLO9bFwdzisJIUkiM2lV0kqa5DvbHeP6Ip6T99yH%2FlZBvZJOZoO3E%2BWAccoPYJ%2F8qt%2FcSRZxWXKmkjjyJkp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1466a320b02-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 12:53:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bigspinrewards.com/cascaCOOKspinval01/assets/jquery.min.js
104.21.72.251 200 OK 30 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/jquery.min.js
IP 104.21.72.251:0
File type ASCII text, with very long lines (32014)
Hash ae9d8d4c0dec623c2576c2fb03a51cea
d48b4b306fd21b80467d5b0913ff06bc5b949bb5
261d0b1ea5b85979c59923aa544fe4bea3743882b2e02a83020befc328c2d696
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/jquery.min.js HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: W/"1514f-5d66bf2a4ed67"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXVsb6qtBr7ekp%2Fi7%2BOSthiQDzcL0v9%2BigXg5s0NddHuYooGS6BlYx23qZ75dxlePIeD8BwDy8TZRW0tD3njiOqVyipEP%2FxPho5oaqE692dG4zacERVOOu2RcMLfeY6ZPmVzVkgy%2B%2FhP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1460b82fac4-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14720, version 1.0; data
Hash d08c09f2f169f4a6edbcf8b8d1636cb4
5a6a45d6f98752b11ccb7c4f0f6fd7faf18ad1a7
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bigspinrewards.com
Connection: keep-alive
Referer: http://www.bigspinrewards.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 01:56:24 GMT
expires: Sun, 03 Sep 2023 01:56:24 GMT
cache-control: public, max-age=31536000
age: 39440
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0; data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bigspinrewards.com
Connection: keep-alive
Referer: http://www.bigspinrewards.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 05:43:17 GMT
expires: Wed, 30 Aug 2023 05:43:17 GMT
cache-control: public, max-age=31536000
age: 371427
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bigspinrewards.com/cascaCOOKspinval01/assets/css-filters-polyfill.js.download
104.21.72.251 200 OK 5.1 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/css-filters-polyfill.js.download
IP 104.21.72.251:0
File type exported SGML document, ASCII text, with very long lines (370)
Hash 25efe4f33c613569612c7ec2c8c70751
45e58f374235f09c2fdafc05ca330e51007ef62d
b42e342710a964b6803c7641e250493c30f3074974b6969ba1ec50813fb6069c
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/css-filters-polyfill.js.download HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:43 GMT
ETag: W/"5ef3-5d66bf291a3f0"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onb614cid0AKo%2BdCDHoEQWm45HMuSu8X%2F3fq5Ek76BdTiQ5IEGO%2B3eqzWZvIuQpJnw%2F8lVAgOxbAwxaOVj6vllzMX%2FRSgMr%2B5BAuL9lJloe%2FHlSXYvHFQlFxuLFtXwIDyqYGYHuwINMR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1472849b506-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/countertick.js
104.21.72.251 200 OK 316 B URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/countertick.js
IP 104.21.72.251:0
File type ASCII text, with CRLF line terminators
Hash a06498bf00a468de5d20e57b3a725792
ca051ede4eac3d9bc720dd669c5f299f30466ab5
799127ec8c7193a7662c3116f53f0f1582f7d78a4cd4d120503681187f205ce7
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/countertick.js HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:42 GMT
ETag: W/"442-5d66bf28a9f13"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY%2FJJmCQIQd02mTVfdwR4%2B96wUt6MDP9%2FyzSfeXiCDxOYLCDXpCE0bhYXpexPXXidmc8X359GnNiGx4JGMNPJMdwDUqNngoHeScO94SM50076IfP1%2FKXXd9Rl4fju%2F12ge77x9QuKhoT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1472ff10b31-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 12:53:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bigspinrewards.com/cascaCOOKspinval01/assets/cssParser.js.download
104.21.72.251 200 OK 27 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/cssParser.js.download
IP 104.21.72.251:0
Hash MD5 3d694576952e7a4b6aa734c18244a657
SHA-1 56280e98625b716fd95c1a4f99aa7b65df26a0a9
SHA-256 41de276bedc7a896c996bf606cf44ea11f3f5541bbf8165941936dc9c35ce140
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/cssParser.js.download HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 25 Jan 2022 18:06:43 GMT
ETag: W/"2a52f-5d66bf291c32f"
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXFdKhuet25MvfyNUsDBE3NKTgIBFRReSO2BFhx2i9nzt8mcG%2BiMQNLHW4XvUwnO5udLiN96zLpsBniPvb0rotAKt60hOwp1scFsMJz3QFzVzxj75f%2FrPAImN2k66fgBVvyrsLyIe%2BRb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea147188a0b61-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/reel3.png
104.21.72.251 200 OK 35 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/reel3.png
IP 104.21.72.251:0
File type PNG image data, 124 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b374f1866c834573895cbe3848acf9a
9c4d3779d20ec4fce12cd33dd764fd22ae08df91
671eea44423c5a9fa2049e072b35abf42193ad6cfbca03b7deb7535496043d99
GET /cascaCOOKspinval01/assets/reel3.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 34626
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: "8742-5d66bf2ac7ee3"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHKlmIweBV%2Fs0nciiT2mvhdQlhIgnHcFtZJnEEynAO5MN%2FscwdlNmAWwjlVC0Zni1ZsevICp0%2BDpaWmuh46R%2Fl1EPYQ42viJlxVmLHNLyNtbuIHFlTfPMr7NL8D3IQbiEkIL6S5TILow"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea14838c70b31-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/header.png
104.21.72.251 200 OK 28 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/header.png
IP 104.21.72.251:0
File type PNG image data, 650 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ba2225b5d549d4e085e7dec59031789
a2b2b470dd74a1dfddca4747ae9f4a2d97114251
4204e8a8a0003b4e2b917d61540e43e9918989d9951763ae9dbe1984a9082356
GET /cascaCOOKspinval01/assets/header.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 28153
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:43 GMT
ETag: "6df9-5d66bf29daa0a"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn%2B8gJHLgyVJAMZcsZYdYKvaIjiGn3yQ2OzkDLW3CLqOragt57zRBQl9LwOGjRtLiIuTPpb%2Fb4%2BLvvRzL%2BXTDZNtfYCXsBC%2Bm1ofQkJ%2BXQVc2YqH0v0KFRWx5LzpG2LvK%2BSxMH3wKRm%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1474d5eb512-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.70.239.215 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
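Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of empty input (the captured body is 0 B); they match every empty response and should not be used as indicators.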
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nmqK3Vv+rnHiz7lKWXJUYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L4Bm6CcCtXQD7h7j4T4YORTmxME=
www.bigspinrewards.com/cascaCOOKspinval01/assets/slot-machine-frame.fs8.png
104.21.72.251 200 OK 83 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/slot-machine-frame.fs8.png
IP 104.21.72.251:0
File type PNG image data, 600 x 566, 8-bit/color RGBA, non-interlaced\012- data
Hash 7eaa2d9092e6c61cfa9dc72248c5959b
b96d515fcbbfd4b9cbf813fbf2e8e55a04eecfa8
2253edb5c406ee264b0d65dbd610377d13842b8c8ae2a336c26f6c7ef5633f7f
GET /cascaCOOKspinval01/assets/slot-machine-frame.fs8.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 82821
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: "14385-5d66bf2af2e62"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNHQxEc9mgoE7LqOVJ4sPZ9Oz0sBSA%2FAAhBjIlzIvhCYBce3W7akF7D6%2FweXNz9IO9%2BpDMXMomeJAa%2BnnsTyBEVcCXL4F5CuBksnZobfGEAtqgkNsQKqgUj%2FT7hE5uoa0YXVF5%2Brq%2BC%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea147ec80fac4-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/saved_resource
104.21.72.251 404 Not Found 17 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/saved_resource
IP 104.21.72.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash MD5 353c15c9bb566ce57f2bf7cc3059ed23
SHA-1 e719f101fe0bd22dedaf9928d11eaf7a0ca13107
SHA-256 cf7f7455e4e2a0cb03f82f8bda75dcfc23c326dbd2e14ec911e033675c9ba8f3
Analyzer Verdict Alert fortinet Phishing
GET /cascaCOOKspinval01/assets/saved_resource HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.bigspinrewards.com/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBxN5gwuf%2B%2B8yAIvRqw69p4cPwhKcyevR75MCc91dZMrW6u%2FwHFH9Zl0inXfAbDU5taD8b%2BJCMkDbYULEtApvp7lTSW5n2EjBSszcJBDWr2HCsT8%2FmntmQOL5IfVYB8TgSiUAMGUo2rq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1490a8c0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/signUpButton.png
104.21.72.251 200 OK 5.4 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/signUpButton.png
IP 104.21.72.251:0
File type PNG image data, 339 x 58, 8-bit colormap, non-interlaced\012- data
Hash 4f1b4ea4cb20b78e31121180936f0a5d
575d6cc08b108fac838cd1f053670b4c4a6dc339
9c23e18d28456cc3214784c8bdc6de84e471f67757d81bbf34c3c7a3c9d46e27
GET /cascaCOOKspinval01/assets/signUpButton.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 5391
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:44 GMT
ETag: "150f-5d66bf2ac8e83"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx8bScjywSWzg8FjofeG9ArrLFPYzpSMGfQZ%2BYlUVPgHyEmypgq27G8ayKaTJIQqzDWrpWwbhz4e2MEQyOCtHJem8z5IxjCfpZITkt1FrBZLf1vdMtBPZ7tGJ6hZjWMbKSwEJBjIplnt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1496844b512-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/gmd-logo.fs8.png
104.21.72.251 200 OK 16 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/gmd-logo.fs8.png
IP 104.21.72.251:0
File type PNG image data, 390 x 151, 8-bit colormap, non-interlaced\012- data
Hash 23b6eddd0eecce5a6eea654ba41a1f97
035bbaa93c44364083927ffc71992ca732cef332
f84acb2dc865da9636297c1488e10cbde35986a147834b590ea6ff800f5151ec
GET /cascaCOOKspinval01/assets/gmd-logo.fs8.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 15821
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:43 GMT
ETag: "3dcd-5d66bf29954ac"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg9%2BkFaEuLciGBQxy48egfLb5Q%2BDb4jVgWQD0lOZ3JSuKWQPGUZtQq8RHqvXbK7o3PGQy%2BkFaxhPlGpRlRJFa%2FYdKzz1SepEiKU89IWepcxN4FPMFVwH93UvARUtjxq5Hxuoa9jcH4av"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea149bddefac4-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/congrats.png
104.21.72.251 200 OK 112 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/congrats.png
IP 104.21.72.251:0
File type PNG image data, 456 x 551, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (111762 bytes)
Hash fc423bb007b698443f8e1a00cab48f3e
8556fbdbd18a446bdcdf038820905b84abe41eba
9c425bde8240e35dcb9e2335be76e81103bc5d06bfe4fdfecd746c9532f82648
GET /cascaCOOKspinval01/assets/congrats.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 111762
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:42 GMT
ETag: "1b492-5d66bf287ff34"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPFfL2NnAE1Sgq26L%2FF4VsKxW1y2YEYfWpXiNCiEVmJqmHEWQuiaKmUP%2FWg51miK%2Fte9FF0%2BudTTNr58MGDXzxdYJ%2FNJYAFlvE%2FKTmPy6ENGuC3mMIkWblnU0wRbKUeS2IVnFTPdYLIA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea14939aa0b31-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/bg-glowsplosion.jpg
104.21.72.251 200 OK 243 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/bg-glowsplosion.jpg
IP 104.21.72.251:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 243 kB (242556 bytes)
Hash 1124105a3ce805986140e5116cd4eed0
428d67aefa1df07bfed1596f9c38913678d4b2b7
f970d65fe158c9e872b2f3eba253b25d4e56ed07d06f044e5ca316e2b32f0f40
GET /cascaCOOKspinval01/assets/bg-glowsplosion.jpg HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/assets/app.css
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/jpeg
Content-Length: 242556
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:41 GMT
ETag: "3b37c-5d66bf274773d"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tr%2BimCB4Bj5h5Yw%2BS8bV5dbGCq%2BUDoqaHDyz1lyEkQh9yKkur9wa9fOmnrW1BTz%2Bv6aFJ2%2Fr%2FyREQoHgWaZFsJi2mXmjBjK3cQXzemRQZ582j6GyFvW%2B%2BKk3O55ZoqYMrOg8%2FW3o8tw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea1478b2e0b02-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/vault1Wall.png
104.21.72.251 200 OK 456 kB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/vault1Wall.png
IP 104.21.72.251:0
File type PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 456 kB (455715 bytes)
Hash f98f3a4015d654328b2cacc86f5dc11b
d0f167627527542633aa77f5eb533b1d8909b55a
1c909b72e2ae3943ee7b769a650f8690fd21cc7df64b31ab2690d77301bf4a4b
GET /cascaCOOKspinval01/assets/vault1Wall.png HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/png
Content-Length: 455715
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:46 GMT
ETag: "6f423-5d66bf2c2f4d9"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVZzB989Y1Ca73pTIkzaJkCEuDCW4IcSxWcSL2sY14TQB%2FIYjZh2pB1XcvWnB1CAfJFYinI0fn%2FFSKROtO9wtd1iRYFndqpFBLpTFGFCWR3fiV8p5R%2FpPTZfExxnJbEc3dwUcpL6ALJY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea14829abb506-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/favicon.ico
104.21.72.251 200 OK 0 B URL HTTP/1.1 www.bigspinrewards.com/favicon.ico
IP 104.21.72.251:0
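Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of empty input (the response body is 0 B); they match every empty file and should not be used as indicators for this host.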
GET /favicon.ico HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:45 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 0
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIViI8U5WjjVQ3TSzT3OcKoex6J9%2FIn4JFXgDsiJlcXMW6xRUu7vTa1Oz1VWP6Qi2EJnBZeOH1CDxwvIR5mMTrbzeuoNtcrJKIAqZOFYEKHDwt6aCvaDAkEekVEu78EBgozZb17gTOwG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea14da8aa0b02-OSL
alt-svc: h2=":443"; ma=60
www.bigspinrewards.com/cascaCOOKspinval01/assets/vaultWall.gif
104.21.72.251 200 OK 1.1 MB URL HTTP/1.1 www.bigspinrewards.com/cascaCOOKspinval01/assets/vaultWall.gif
IP 104.21.72.251:0
File type GIF image data, version 89a, 1200 x 1200\012- data
Size 1.1 MB (1140481 bytes)
Hash 90615312001d9a2f2c84c6b2960f5924
fc4064f61fa7f863411b7ba008a5e1f1dfbb2927
205f01e68e5ac9bec5e6192ea4dcacb981fa8ed067b23f00beef98153da6e484
GET /cascaCOOKspinval01/assets/vaultWall.gif HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:53:44 GMT
Content-Type: image/gif
Content-Length: 1140481
Connection: keep-alive
Last-Modified: Tue, 25 Jan 2022 18:06:59 GMT
ETag: "116701-5d66bf38598a2"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gvaD3PHcc%2FKz3%2Fnxv1vtoRxM2ZHRjwwxKCvKXahTdkl%2FD0ZRjuQH8YSvyKMcj4hwDXmPKt%2FulL7N6sdGiu%2FTDYDMF5BYfGp49aMoHEY7Unl33sa8WKUw6fJkS2ozKQz7q%2BcHSl2bg43"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea14a4bb40b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sat, 03 Sep 2022 13:30:12 GMT
Date: Sat, 03 Sep 2022 12:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sat, 03 Sep 2022 13:30:12 GMT
Date: Sat, 03 Sep 2022 12:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sat, 03 Sep 2022 13:30:12 GMT
Date: Sat, 03 Sep 2022 12:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Sat, 03 Sep 2022 13:30:12 GMT
Date: Sat, 03 Sep 2022 12:53:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cb62c7c522b71c62a97630d8330ef5
950611314b81428b3d80ff8659272cc800cf48b6
3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7975
x-amzn-requestid: 5ed9a360-5a7f-427a-a750-bd8f25214909
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwpOBEpjIAMFzXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63102259-4b9d2f6e61cc186f78718168;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:09:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BU7CFrnTBhvyqoRVp1t-e_ZErBnJA9l4qGkmxOQd10W48IzyIFGFZw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:46:11 GMT
age: 32854
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf445006-1014-4737-ad3b-0047d0183dd8.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf445006-1014-4737-ad3b-0047d0183dd8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0bde418da52c5b733e4edeb10173974e
75555a00ea68f94d83233ca3dcb7ffa60ba9da5d
67bb1775a03b6b17b05181738c8196a9ed8087dc75927e649c28c084f31c0160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf445006-1014-4737-ad3b-0047d0183dd8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8614
x-amzn-requestid: a941656b-92dd-4948-a24e-1437469def78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2emWFBMIAMFq4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631277c2-5336706371034d98547bafbd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2v3yN2UAH_DeMis8_-Br4uvD4SK-sluX1aFEM391ZhV4_G2lloBHQg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:44 GMT
age: 54241
etag: "75555a00ea68f94d83233ca3dcb7ffa60ba9da5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d78cbff83c152b84864606781a29563d
8bdbc6e135be6e582d0e23754399422e3792777b
3c385de9ade05e1652ccc386e73aaccc4c223a07b81af4c5fdf3f73a166909f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6f5d90-39e2-4288-8685-adf2348d38e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14061
x-amzn-requestid: db7b338c-4fb1-46c0-827a-87e43ceacb90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjB_aFGyoAMFbeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ab062-060509a31e21bd514f736d49;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 00:01:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p_pP4bQ_t2iBcAl5CetPTBaNmV8E_Br_0Mn5qIlGeC8JCmILxA_l6A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 10:54:15 GMT
age: 7170
etag: "8bdbc6e135be6e582d0e23754399422e3792777b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:54 GMT
age: 54231
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: alcmiW5Cb3Z96RJNXfz4F54HNERbyV71Q8hqVuNEOTUc48kItzlfHQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:53 GMT
age: 54232
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6_bFwCNNOb2sZgOQJ8NekZD0pbYwclTg17YlQjCIdKFKGuzfDR0nQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:42:03 GMT
age: 33102
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bigspinrewards.com/assets/htc/sepia.htc
104.21.72.251 404 Not Found 17 kB URL HTTP/1.1 www.bigspinrewards.com/assets/htc/sepia.htc
IP 104.21.72.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 19af918175666d22b691fa8f41888355
db63fb52412e457f6331f356485daa645537cdd0
311cd761fd1b65f31bf74ace361ba12324b827901a297f3f13af918317bb591d
Analyzer Verdict Alert fortinet Phishing
GET /assets/htc/sepia.htc HTTP/1.1
Host: www.bigspinrewards.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bigspinrewards.com/cascaCOOKspinval01/index.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Sep 2022 12:53:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.bigspinrewards.com/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4Rv55GPbviann%2F4s1I85UiPD5kAvyHtOIw94P6OWhwchJZQJuXYl32%2BvSLOnSBlDoCLbPNJ%2F9T5YWrvAeyJj1gVHQqUd8zZnnlbeNHE2A2hHA5ehim5%2FOYDsPZAC3BRZdz8SjK27mxs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744ea155d8100b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93ac38e4-a58e-4303-b7a1-e6c19cc7f80e.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93ac38e4-a58e-4303-b7a1-e6c19cc7f80e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a1a9b226f6556f7ea2f3e990e618c78
72796327f9481a7516aac1fbfd73a36d69f83626
187b68b54b976b7a1a17928e172c9726b5583b650b982eb5cd2378a4ee2aa54d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93ac38e4-a58e-4303-b7a1-e6c19cc7f80e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7332
x-amzn-requestid: b4f35a34-c467-4582-9072-954573a77ff3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XTiVBHorIAMF_Bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63047db9-52dcb6600c9faf001774a655;Sampled=0
x-amzn-remapped-date: Tue, 23 Aug 2022 07:11:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VjqYi7CKnIe-Kxn3sloRI92r2i790NhznehcxlnYhmrp8K8MHv1uUg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 10:04:55 GMT
age: 10137
etag: "72796327f9481a7516aac1fbfd73a36d69f83626"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2