| URL | IP | Status | Size |
| www.sg-bigpromo-76.com/cgi-bin/wingame.pl | 104.18.42.120 | 302 Found | 75 B |
URL: www.sg-bigpromo-76.com/cgi-bin/wingame.pl  Protocol: HTTP/1.1  IP: 104.18.42.120:0
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 278a5de51b26a661d081823418d176cb 76eb605dc938405c43388dbc5520147b79973d3f 3642e910b2c4bb523877680d380499f645972b67c6c7f97af90746360ba7cdb1
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cgi-bin/wingame.pl HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 06 Nov 2022 07:08:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
URI: <https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?>
X-Map-Context: sg
X-Served-By: d-01
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765bfed63d5d0b4d-OSL

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: 20940 (Akamai International B.V.)
Hash (MD5 / SHA-1 / SHA-256): b720c31d9c036cd2ef10e35fa29f5345 ac625d2e69284e5080bede4b37c31af62c26338b 323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Sun, 06 Nov 2022 08:12:27 GMT
Date: Sun, 06 Nov 2022 07:08:00 GMT
Connection: keep-alive

| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 72c64df35304c35cd95e4ed6e101e795 a39287987854d644a8da295da536fb31de8b44c1 a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4470
Cache-Control: max-age=99454
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:00 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:45:34 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 72c64df35304c35cd95e4ed6e101e795 a39287987854d644a8da295da536fb31de8b44c1 a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2241
Cache-Control: max-age=97225
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:00 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:08:25 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL: firefox.settings.services.mozilla.com/v1/  Protocol: HTTP/2  IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 06 Nov 2022 06:43:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: 20940 (Akamai International B.V.)
Hash (MD5 / SHA-1 / SHA-256): 078950c3ba9ad01927f3da494b1d1de4 443c8a8247e4e3e04c14d21e0227fc4e8f396142 dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Sun, 06 Nov 2022 08:11:08 GMT
Date: Sun, 06 Nov 2022 07:08:00 GMT
Connection: keep-alive

| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain  Protocol: HTTP/2  IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: umD/9p5crMHdE8+X/PZumR3FcUB3bXxPdcLNtTUcd7BluQhyUG2EwTLJ5s4ta1MkfVbdxmq95f4=
x-amz-request-id: 3TMPTYXHKY5ZMK1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 06:10:20 GMT
age: 3460
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: contile.services.mozilla.com/v1/tiles  Protocol: HTTP/2  IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 07:08:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: 20940 (Akamai International B.V.)
Hash (MD5 / SHA-1 / SHA-256): 21426503059f8196126a602dd402b115 4651a3dfc018bed83a188cfa1777db66d10c0387 906aad00d69b4836b7d786226940376aa7398db17deee7dcec133659329aaa88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "906AAD00D69B4836B7D786226940376AA7398DB17DEEE7DCEC133659329AAA88"
Last-Modified: Sat, 05 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sun, 06 Nov 2022 13:07:02 GMT
Date: Sun, 06 Nov 2022 07:08:00 GMT
Connection: keep-alive

| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): db63d54b77502dd6c7bdc792d4fd093e 026ad8186833988279468829c004c6e2a2f2626f eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5097
Cache-Control: max-age=95023
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:31:44 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

| push.services.mozilla.com/ | 34.213.140.56 | 101 Switching Protocols | 0 B |
URL: push.services.mozilla.com/  Protocol: HTTP/1.1  IP: 34.213.140.56:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body)
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cFBL3Y3efePVQBbmxmobng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +ANTRWaHKMBdOdhiHYypnl98OB4=

| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 4508201a8f6e5bb1841401f1b765bdda 28d88e47e51c70b30b5ddcf22fd3627187f79a51 b8e8ff2cdb6d20f146db2aa34b376f0b3b3bece28334fc6acf6eb468bfca17fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5601
Cache-Control: max-age=169356
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Etag: "636739fc-117"
Expires: Tue, 08 Nov 2022 06:10:37 GMT
Last-Modified: Sun, 06 Nov 2022 04:37:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 3ebbd65a2bdd5c6f3dea5a6b99b25f0d 484be27b25b736a7e7e2b1d5ef9760aecdcec01b 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 3ebbd65a2bdd5c6f3dea5a6b99b25f0d 484be27b25b736a7e7e2b1d5ef9760aecdcec01b 5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png | 104.18.42.120 | 200 OK | 22 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 289 x 301, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 7981da3a02a5756780c085f1f0c3fb19 7d1afa793be355b01b7fd2e50ba783204cbb1047 4ef88b4d9af615ce74727672a2a6600052d4a66b3ac52763c34545fc599fbb14
GET /files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 21767
last-modified: Tue, 04 Aug 2020 03:26:55 GMT
etag: "5f28d57f-5507"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea0c1c0e-OSL
X-Firefox-Spdy: h2

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png | 104.18.42.120 | 200 OK | 22 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 289 x 301, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): fb3179b1bc6a0e16b7e7cdcec81a2dbe 2751107432076aca4bc2976374240e8f4b4f9c65 966920de5000bf33ff4b2ac41928716f8572053e53b894ab017143a59115cec6
GET /files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 21544
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-5428"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa071c0e-OSL
X-Firefox-Spdy: h2

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png | 104.18.42.120 | 200 OK | 22 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 289 x 301, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): bd81aeb07c60b9be44a848d07fdcb044 ec650a2422feb29605fb94eed562f37cf35947f1 86d02a86afcc245d53be26b56b724eff30c90c0d9de1143fcbabc4943e67a5a1
GET /files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 22240
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-56e0"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa081c0e-OSL
X-Firefox-Spdy: h2

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png | 104.18.42.120 | 200 OK | 72 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): ae5004d1c0d0f375f9d8ab4f2372edf1 d44167cb48e66c411d8439eb7d3a5538749c7329 c070523be8a4f81b4aeaf351744001d17e7883dd54b9fc4f5376a3ceffbf1e40
GET /files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 72459
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-11b0b"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea0f1c0e-OSL
X-Firefox-Spdy: h2

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png | 104.18.42.120 | 200 OK | 71 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 578da5634cb60866130d1ec589afb392 8b2e75e1ad26cc368d4e8e243b8b5ed1674c7dc0 17164a0d41aa14cf37a0c0fc99cbdc4c496d91dd5015e1a488c2acb18a8c6c50
GET /files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 70868
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-114d4"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa051c0e-OSL
X-Firefox-Spdy: h2

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png | 104.18.42.120 | 200 OK | 58 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): a93eefeabd3f51a47c11f4ef085c216d cc6a9c3e55ffcfb4d4de4079f820aadf03c101fc a19953eea68cc0ddf20778a10207d79347742a4957ca7a17d36715ad36ab5c49
GET /files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 57530
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-e0ba"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea0d1c0e-OSL
X-Firefox-Spdy: h2

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png | 104.18.42.120 | 200 OK | 77 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 2f3dd28b519f2dca8c9e1c3951e1fef1 87a5cd0c89c018ee7487137943b86a7629900aa9 000f05262c894def5376da7f83f3771a1de7ec9babd5bb81d1dacbf58a9fb26e
GET /files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 76611
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-12b43"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa061c0e-OSL
X-Firefox-Spdy: h2

| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 4508201a8f6e5bb1841401f1b765bdda 28d88e47e51c70b30b5ddcf22fd3627187f79a51 b8e8ff2cdb6d20f146db2aa34b376f0b3b3bece28334fc6acf6eb468bfca17fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6076
Cache-Control: max-age=169830
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:02 GMT
Etag: "636739fc-117"
Expires: Tue, 08 Nov 2022 06:18:32 GMT
Last-Modified: Sun, 06 Nov 2022 04:37:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

| www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png | 104.18.42.120 | 200 OK | 160 kB |
URL: www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png  Protocol: HTTP/2  IP: 104.18.42.120:0
File type: PNG image data, 385 x 256, 8-bit/color RGBA, non-interlaced
Size: 160 kB (159989 bytes)
Hash (MD5 / SHA-1 / SHA-256): a56dc40996d5413b2407ad228b34473f 5922cc501e4d244a37d33c58bb6518cacb5f98c0 273cb9ebfe1499aedb2cfe631024f0105a87db5b46de63e4b5e0e1a664d97be8
GET /files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 159989
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-270f5"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea121c0e-OSL
X-Firefox-Spdy: h2

| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 62a8ce6a2338913103618edb2f4a9dbe 0e0850b1aef6ed524d119a41145112b84c257687 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

| www.sg-bigpromo-76.com/_global/css/default.css?2022-11-05.1 | 104.18.42.120 | 200 OK | 2.1 kB |
URL: www.sg-bigpromo-76.com/_global/css/default.css?2022-11-05.1  Protocol: HTTP/2  IP: 104.18.42.120:0
Hash (MD5 / SHA-1 / SHA-256): 39d30dffabe41e82cfa24867000fb60c 4648f262cd007ec6a5c9a1ad424c6cc80eb3dd4c ab9f3445fc54947390f7831f8265ca071db5782001bcd5ba01932fba43c99e21
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /_global/css/default.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 18 Feb 2019 07:52:24 GMT
etag: W/"5c6a6438-10e7"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f21c0e-OSL
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2  Protocol: HTTP/2  IP: 216.58.207.195:0
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash (MD5 / SHA-1 / SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 300834
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2  Protocol: HTTP/2  IP: 216.58.207.195:0
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash (MD5 / SHA-1 / SHA-256): e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 300834
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): 62a8ce6a2338913103618edb2f4a9dbe 0e0850b1aef6ed524d119a41145112b84c257687 51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg | 104.18.42.120 | 200 OK | 608 B |
URL: www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg (HTTP/2)  IP: 104.18.42.120:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): c7a4402e1abfec8f38800db3e86cfea2 eae15512a0aae169abe6ded46981cf6e9288b5b7 890f6941b244a49e8d6a90df00cb780cc295b7d31cdf67792a832530d20d814e
GET /files/web/sponsor/_logos/logo1_229_1378106311.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 608
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1194
content-disposition: inline; filename="logo1_229_1378106311.webp"
etag: "52243bc8-4aa"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Mon, 02 Sep 2013 07:18:32 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-01
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b981c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png | 104.18.42.120 | 200 OK | 726 B |
URL: www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png (HTTP/2)  IP: 104.18.42.120:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): be448a9615e7d375713dc637cfe17789 c1d94e0fc95a5f04ce1bc1a3b48abc68b8fc823c c95c5e48a09c56495b3523649198202ef08d73f0d3962ba30ae53a5e80ba7aa3
GET /files/web/sponsor/_logos/logo1_542_1450867072.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 726
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1302
content-disposition: inline; filename="logo1_542_1450867072.webp"
etag: "567a7981-516"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Wed, 23 Dec 2015 10:37:53 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-04
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b9c1c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg | 104.18.42.120 | 200 OK | 1.2 kB |
URL: www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg (HTTP/2)  IP: 104.18.42.120:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): bea05d5e3f048a59282a1587144f13d6 de4021ec4f35fd27e41881a63b7d63a4966c8d61 a19689df10ea877f35bf362e844065f6ed6058356928365beca879db82b2f9bf
GET /files/web/sponsor/_logos/logo1_441_1490784069.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 1164
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=12940
content-disposition: inline; filename="logo1_441_1490784069.webp"
etag: "58db8f45-328c"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Wed, 29 Mar 2017 10:41:09 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-04
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b9e1c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png | 104.18.42.120 | 200 OK | 970 B |
URL: www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png (HTTP/2)  IP: 104.18.42.120:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): f3b45fd5fcec92bfed3a707401d85a0f ef0e2d66f1894c0f7afdea43b137aa1d52d70c31 66ee3e588c742b1b103f0f3b2a0ca01a71ab39b55d7f51185b69a4d47b12a4a7
GET /files/web/sponsor/_logos/logo1_27_1343995230.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 970
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2601
content-disposition: inline; filename="logo1_27_1343995230.webp"
etag: "5028c5ef-a29"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Mon, 13 Aug 2012 09:16:31 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-03
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee11ba91c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png | 104.18.42.120 | 200 OK | 1.3 kB |
URL: www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png (HTTP/2)  IP: 104.18.42.120:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): 00e9dc3f13275ec6c8c598d745f29fce 3bcb80f4e21884fa6cd3fd4582f1c131cb04223b 12912fc02740bb9d3390b83f10d7974d8ff6fb3482cea3b73e782fcf1d727b59
GET /files/web/sponsor/_logos/logo1_543_1527859615.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 1274
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3090
content-disposition: inline; filename="logo1_543_1527859615.webp"
etag: "5b11499f-c12"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Fri, 01 Jun 2018 13:26:55 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-03
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b9f1c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg | 104.18.42.120 | 200 OK | 27 kB |
URL: www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg (HTTP/2)  IP: 104.18.42.120:0
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x603, components 3
Hash (MD5 / SHA-1 / SHA-256): cc26fcca4a111a7607dbbc38d85f8bc0 067658a2e35d6d23d84795e0dfe2560051c493f0 5f3f5bf2b2567a61e56f292ceac28e5283dac84e983754e0e3e75c093e5cad9d
GET /_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/jpeg
content-length: 26983
etag: "2387602037"
last-modified: Tue, 12 Nov 2019 02:07:13 GMT
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfee11ba81c0e-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 4.2 kB |
IP: 172.64.155.188:0
Hash (MD5 / SHA-1 / SHA-256): 6b737a56fb760f422c47d1961c6479ea cd1ea4beb71e9ba7a0bbb09a02e45c0ba0d38abf 9bf181c33c9511db95dd80c5109f3410e492e32dca527ec0028257c398b7799c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:08:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 00:45:32 GMT
Expires: Thu, 10 Nov 2022 00:45:31 GMT
Etag: "c55ecf8e137313390118d8f5adc63bb11fc30223"
Cache-Control: max-age=322048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765bfee38baafac4-OSL
|
|
| sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com | 116.203.25.165 | 200 OK | 29 kB |
URL: sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com (HTTP/2)  IP: 116.203.25.165:0  ASN: 24940 (Hetzner Online GmbH)
Hash (MD5 / SHA-1 / SHA-256): e803080db5ff00e62849a5351257b5e2 66ef0f9051e9378c6d3b5de86af3ea7131e04cbb 304853630156b99b4958106cbdf912b4f063e0454a9eac6847be9a41f197d672
GET /iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com HTTP/1.1
Host: sgapac.mycleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: EXPIRED
x-backend-server: cleverpush-worker-2
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: 20940 (Akamai International B.V.)
Hash (MD5 / SHA-1 / SHA-256): f6ae0db60213bfddbf2ad71a9fb116bf 915d2895adc3f022c28cc628aeb6e441cbb09d47 ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4655
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:08:02 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp | 34.120.237.76 | 200 OK | 9.0 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp (HTTP/2)  IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): dcc79e66d1e21452efb26d26650f6739 1f727a7ea032082658944cf4041686446fb6b5f2 af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 33822
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg (HTTP/2)  IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): b370c4e3b01be9fbbc3e310e6958cd55 cc22e90a0b476215f2fd864d84c9b00dded100a6 f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 32345
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg (HTTP/2)  IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): a8423ab18c5c01b37008421d5f759d13 b285226d6b0bbd979fa2a9775be7cbb07c008aac 55a8c2181fe43644c158a466596218735693a89170454fc7e918a13fb93816db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5924
x-amzn-requestid: 0d34d489-9d9e-4fcb-835b-6ea0292ec429
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabZFOPoAMFdvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77b-16a732a9498bfe3078ccf001;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d4_ZqFNs0orcXlsijqAHrm00n8vIL_yzmLqfL0VlZHdEJLQDj-Pi2g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 33822
etag: "b285226d6b0bbd979fa2a9775be7cbb07c008aac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg (HTTP/2)  IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): b18a8c9f5539ce33476f843f5811e01d 11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 13388
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp | 34.120.237.76 | 200 OK | 8.3 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp (HTTP/2)  IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): 3929fb3c2f0dad9409e9b247ab891518 b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28 64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 32004
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg (HTTP/2)  IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5 / SHA-1 / SHA-256): 4e2853cc6ec6223160471401e6871f4b f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 09:11:34 GMT
age: 78988
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/confirm-alert | 172.67.71.184 | 200 OK | 0 B |
URL: api.cleverpush.com/channel/confirm-alert (HTTP/2)  IP: 172.67.71.184:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kB4HSLlYpdLSvb%2BKV2fMcQFFawyK5yGH7oy%2Ft0c1JY1dD2VRAXLQu%2Fq3vZhDkq%2FUjEN%2F6PXZZFImzZrfW5EpNzcO5QHgW2RvTlg28IONj3TCV35q2ku5yFCAekt25R%2BGN1OqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee6cc57b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/optin-visitor | 172.67.71.184 | 200 OK | 0 B |
URL: api.cleverpush.com/channel/optin-visitor (HTTP/2)  IP: 172.67.71.184:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3h8PQCculjBrC2yjwm7l4PaS8%2BS71H5LN14pHFX5RAmnMPOon2qSEZx5y8mFdqvgOUzPSMzFKZpiFXiaVBMiVDyFkNXTgG15FVPGAx35Z4lVyTcW7NQpHomp4KLHMyV%2BzbwKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee6bc49b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-05.1 | IP: 104.18.42.120:0
GET /wingame/50/js/sweepstake.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Jun 2020 08:52:50 GMT
etag: W/"5eddfc62-ba3"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfededa011c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-05.1 | IP: 104.18.42.120:0
GET /_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 18 Aug 2016 09:52:51 GMT
etag: W/"57b58573-71c7"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f31c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/cgi-bin/wingame.pl? | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/cgi-bin/wingame.pl? | IP: 104.18.42.120:0
GET /cgi-bin/wingame.pl? HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/html;charset=UTF-8
x-firstpage: 1
x-page: pregame
x-map-context: sg
x-served-by: d-03
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765bfed99f1a1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1 | IP: 104.18.42.120:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2017 08:06:31 GMT
etag: W/"5a265387-25ef"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f91c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1 | IP: 104.18.42.120:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /_global/wingame/74/js/series.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Nov 2020 12:42:01 GMT
etag: W/"5fbe5119-3e54"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfeded9ff1c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-05.1 | IP: 104.18.42.120:0
GET /_global/js/scripts.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Jul 2022 07:31:48 GMT
etag: W/"62d900e4-dd9a"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9fc1c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-05.1 | IP: 104.18.42.120:0
GET /_global/wingame/74/css/series.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 09:50:17 GMT
etag: W/"625e85d9-616e"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f41c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-05.1 | IP: 104.18.42.120:0
GET /wingame/global/js/global.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 09:57:38 GMT
etag: W/"5ec3ad92-1ef"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfeded9fd1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-05.1 | IP: 104.18.42.120:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wingame/50/css/sweepstake.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-179b"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f81c0e-OSL
X-Firefox-Spdy: h2
|
|
| static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js | 104.26.15.31 | 200 OK | 0 B |
URL: HTTP/2 static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js | IP: 104.26.15.31:0
GET /channel/loader/3zxL2HhGxKQQZYwsP.js HTTP/1.1
Host: static.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: application/javascript
x-amz-id-2: MGdLOs49PvjsNWhnsdgSjIZPB46kn8NzN0fqggWXyHMm3LXJH7MmWdAz6a4vSCu7W2T7uIknZ5A=
x-amz-request-id: 9W80MN4HX73HCAKX
last-modified: Sat, 05 Nov 2022 00:02:37 GMT
etag: W/"3eac6de141d4ffde26c2773bd1827bb5"
cache-control: public, max-age=21600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6ZgkuSoIlsmmFAifmwJ6siVxNiDoTKKtaX0T9uXrSPocUnmOnTcFhCmrR90aQr%2BBGft%2BltjzBdCIrCKuBsahc%2BD1cHfewoqoEUTfMbyMmaMJ19216ODLeHuf%2BTPscutRmkb3yH2YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedf4c420b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,700 | 142.250.74.10 | 200 OK | 0 B |
URL: HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700 | IP: 142.250.74.10:0
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 07:08:01 GMT
date: Sun, 06 Nov 2022 07:08:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js | IP: 104.18.42.120:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /files/web/sponsor/_sponsoren/script_50.js HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 08:39:05 GMT
etag: W/"6360db29-fbf"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfededa041c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1 | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1 | IP: 104.18.42.120:0
GET /_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
etag: W/"5a059201-15e64"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9fb1c0e-OSL
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/favicon.ico | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/favicon.ico | IP: 104.18.42.120:0
GET /favicon.ico HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/x-icon
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-10be"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfee33ce71c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show | 104.18.42.120 | 200 OK | 0 B |
URL: HTTP/2 www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show | IP: 104.18.42.120:0
GET /cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: text/html
x-map-context: sg
x-served-by: d-02
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765bfee69ecc1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/optin-visitor | 172.67.71.184 | 200 OK | 0 B |
URL: HTTP/2 api.cleverpush.com/channel/optin-visitor | IP: 172.67.71.184:0
POST /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sg-bigpromo-76.com/
Content-Type: application/json
Origin: https://www.sg-bigpromo-76.com
Content-Length: 54
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lbf6TRfithHsPiibKhYjGFu%2Bw2NdL7sE0mamQrMb0NcKe%2FddEscOhyy5UM789GLrEsRdpm8VYaYKdfXhWuuaJZx62Oktz3DyCy88b%2F%2FcFuUoGwSvYEHatZ6JVc7TuvMkQ%2BHEig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee71ce0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.cleverpush.com/channel/confirm-alert | 172.67.71.184 | 200 OK | 0 B |
URL: HTTP/2 api.cleverpush.com/channel/confirm-alert | IP: 172.67.71.184:0
POST /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sg-bigpromo-76.com/
Content-Type: application/json
Origin: https://www.sg-bigpromo-76.com
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHEchNiI%2F%2FjLuOCq0y3Nn8w%2F3gZGxa8XXmE11QSiUf27XrSpm0SSqY6aLc1icEwClgmOBtjDBM%2BSmejPS44bWwNx6k8YVPPo%2BjLRDnMx%2BE6oOBuGWMUjlDnqgPXOgo0O7i%2FfYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee71cd7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|