Report - www.sg-bigpromo-76.com/cgi-bin/wingame.pl

Report Overview

Submitted URL
www.sg-bigpromo-76.com/cgi-bin/wingame.pl
IP
104.18.42.120
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-06 07:08:11
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	976 B	34 kB	216.58.207.195
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	4.7 kB	172.64.155.188
sgapac.mycleverpush.com	unknown	2022-06-30T08:03:41Z	2023-01-08T10:01:42Z	529 B	30 kB	116.203.25.165
static.cleverpush.com	16927	2016-09-06T08:24:47Z	2023-03-10T11:13:50Z	399 B	873 B	104.26.15.31
www.sg-bigpromo-76.com	unknown	2021-04-13T15:22:19Z	2023-03-10T00:04:36Z	14 kB	550 kB	104.18.42.120
api.cleverpush.com	16719	2016-09-07T11:39:39Z	2023-03-10T11:13:50Z	2.0 kB	3.7 kB	172.67.71.184
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	1.4 kB	2.8 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	59 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	402 B	746 B	142.250.74.10
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	3.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.213.140.56
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	364 B	1.5 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-06	medium	www.sg-bigpromo-76.com/cgi-bin/wingame.pl	Phishing
2022-11-06	medium	www.sg-bigpromo-76.com/_global/css/default.css?2022-11-05.1	Phishing
2022-11-06	medium	www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1	Phishing
2022-11-06	medium	www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1	Phishing
2022-11-06	medium	www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-05.1	Phishing
2022-11-06	medium	www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	static.cleverpush.com/sdk/chunk/818.2053369c6ba49d7081f4.js	7.5 kB	2023-03-08	2023-03-13
Pretty URL static.cleverpush.com/sdk/chunk/818.2053369c6ba49d7081f4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 19:28:26 Times Seen1 Hash 9c2d7319802a49372e38ced07eee7c81 7494e53ab7e7a26d1f38b5a45b490501dd5f49a8 bbf8b26356a91137293331c7299846d0e3b394732a158b0c28a5e09333279647 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	33 B	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-03-27 02:14:42 Times Seen142 Hash 09a035e29ea6d0dc014a73cc7d4dccc0 e75a3da7b29e61396d79e4db8a01d879e4807360 4238d27bdd7b3cea5b12b7125e126fe578db472e52bc31ae63bd7755bf645cbe Loading...

	www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-05.1	495 B	2023-03-07	2023-05-25
Pretty URL www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-05.1 IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:47 Last Seen2023-05-25 19:33:01 Times Seen7 Hash 1b98ea3cb9f9d5125064031e36e955d6 ce14a655950d8464be8378ba4dcbb4bfa8477b59 41c9ca1210a14096e9078bd3d713390d07e5efb4bdd433f839dee3b0f0c25d61 Loading...

	www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js	4.0 kB	2023-03-08	2023-03-13
Pretty URL www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 08:04:59 Times Seen1 Hash 074f3bddc488fe7e034fcfd71666b410 e617010a7ff782c1d54acf39258b03066127788b c4975ba239bea06f62ef68ad908c963934439d3f53c0710ba99fcb271cadb61d Loading...

	static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js	207 kB	2023-03-10	2023-03-10
Pretty URL static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js IP 104.26.15.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:16:46 Last Seen2023-03-10 22:32:20 Times Seen1 Hash 3eac6de141d4ffde26c2773bd1827bb5 1db7febeaef08c178e4bc398ab37c0842bdb3f1c 4c48023719bf4c7dea185547506c519eb2ac81f047e877e498432b8f404228ba Loading...

	static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js	5.6 kB	2023-03-08	2023-05-05
Pretty URL static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-05 05:44:00 Times Seen105 Hash e89cddaa8c63cff3a495570a91d5e690 397783dc44bf1885bf55f65bc11361d0389bd0d9 df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204 Loading...

	static.cleverpush.com/sdk/chunk/115.ba0d7343026308ac5af6.js	14 kB	2023-03-08	2023-03-13
Pretty URL static.cleverpush.com/sdk/chunk/115.ba0d7343026308ac5af6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-03-13 11:43:27 Times Seen1 Hash bdf3b760e2b81b6f97aa3f8f66d110e5 1672ad41f69faa3e9b782a8bc91e2af179ac15f7 61bd25db9e9cd5fcc44afc53fe9f72a60487085491595001a2841bde54d5abf9 Loading...

	static.cleverpush.com/sdk/chunk/720.f724463bb99fbd652a90.js	48 kB	2023-03-10	2023-03-11
Pretty URL static.cleverpush.com/sdk/chunk/720.f724463bb99fbd652a90.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:20:32 Last Seen2023-03-11 09:15:25 Times Seen1 Hash 7c2b919ae0b429047b3a5f3ab1ef93a3 637adfeedd81053253913ced50e29c17959e125e 521917293d5d764e9ad742a19fb9687c0d16529157622c6684e319b9a0594656 Loading...

	www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1	16 kB	2023-03-07	2024-01-09
Pretty URL www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1 IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:59:20 Last Seen2024-01-09 08:53:43 Times Seen68 Hash a3f603406b47edd3f97e48640afbe427 146bb9b28184485d5bac01c11a6ac23f67fdbc71 398c728c2c48a8bacca49d082597c6de06028aa7adb9032c7c5cff08cc17ebaf Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	21 B	2023-03-08	2023-05-21
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-21 19:42:31 Times Seen4 Hash 1498f344cab909b01adfae7c44f143d9 6cfac95206d6591601660ab6b0cf540cedd1f85d eb85cd214d8a9d6188d18c2245026d3717b67c6612f8a9d714d614c1fcda6eb5 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	1.1 kB	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-03-27 02:14:42 Times Seen115 Hash f14a731981e984c04d08ef668d96d867 23f77eca9c9754fc400db2bfc242088b96ff4e1e 9e727340d7fb316cf59618a46bebc2e45ffcd55904bc1aceac7f4760e5827669 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	3.5 kB	2023-03-07	2024-01-09
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-01-09 08:53:43 Times Seen24 Hash 60fc73f1db2b66a884b41438e678dcd1 e1151c0fd36699bfb79de308085af9c99d36e9c2 2e7406fa9d170fa4788a366eb21c16937c3fbcabce7b7dc0e24158a2a5f1cf87 Loading...

	sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com	70 kB	2023-03-10	2023-03-11
Pretty URL sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com IP 116.203.25.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:27:02 Last Seen2023-03-11 08:46:08 Times Seen1 Hash 00386a962438cb871e780755e72c514b 1bc662608c31064fd18e9b33d88c682d2bf88457 c616d9bc7fdcd2c427fb0cec48b6a17d5db743d5ef6a5218794b3ed42f8eea5a Loading...

	sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com	309 B	2023-03-07	2023-03-17
Pretty URL sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com IP 116.203.25.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:47 Last Seen2023-03-17 10:37:07 Times Seen1 Hash 6c088f5aff164f4fd6e11d1fc5450a5f 7c5f7294f4d768eef68f59c051e08c5b0c2f82cc 276f9c4f00aee87e91bac5471e74a8e5cafab9e1941f64bc8837bc953fea3b1d Loading...

	static.cleverpush.com/sdk/chunk/5.4241450a4ba127a5fe01.js	34 kB	2023-03-10	2023-03-11
Pretty URL static.cleverpush.com/sdk/chunk/5.4241450a4ba127a5fe01.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:27:02 Last Seen2023-03-11 11:11:07 Times Seen1 Hash 9f017930fbfc39631774fdcf7a2eb55f ba9ffb4b6faeb3cc5ef45149ea805d13794f36cc c2d65a43abfd46b1cac97ca8ba6a5b77f44ffa32dbaec7ab2348cfea80f3a6a1 Loading...

	static.cleverpush.com/sdk/chunk/103.73ceebad7a83fc182cc1.js	97 kB	2023-03-10	2023-03-10
Pretty URL static.cleverpush.com/sdk/chunk/103.73ceebad7a83fc182cc1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:38:27 Last Seen2023-03-10 22:55:30 Times Seen1 Hash c6f8341988e9aa214a60d153e9c2df0b 79bd178974c78cdf012c8aaf8a4daca2d4864e85 686d0aa1aca98fd5f4922a73c0b9f31f5265163990da9a76a180e213c7fe0ac2 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	107 B	2023-03-10	2023-03-10
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 22:16:46 Last Seen2023-03-10 22:16:46 Times Seen1 Hash e34c19a056efcf3303d32de52803b737 bc6d9761fd494d00d348e47f88a7c9aceb7cc44b 4d3ebe3327edf29b5434f4b276d020784e8e9fa676dbe3ac1d71c0f28ab01684 Loading...

	www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-05.1	57 kB	2023-03-07	2023-05-28
Pretty URL www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-05.1 IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2023-05-28 17:27:42 Times Seen96 Hash 4eeb3045b35ec60ac8efdecc52a59c44 bc53e3f6d8cd4feb5bd63129e8cd27b6fef2b79d 0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a Loading...

	www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1	90 kB	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1 IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-03-27 02:14:42 Times Seen143 Hash fcb1c635899fd1e781349468b8e5bb84 b9aa7889137b9f895effaf70bbf830346f205738 be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36 Loading...

	www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-05.1	3.0 kB	2023-03-08	2023-05-21
Pretty URL www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-05.1 IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-21 19:42:31 Times Seen4 Hash 8d00fee382917cf48c50cbabb52372e2 ae18b425d6425f2c6676c86da167fe79ca436e62 59504615f381b121722bbcca0e8069cd63313ecdfd7e2a46d5dc8859358d3fa3 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	743 B	2023-03-08	2023-05-09
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:52 Last Seen2023-05-09 08:16:47 Times Seen3 Hash 320b6116edc59b4f72655138eb6437da d209207536cf605c9ab75130a39d12f1adbe17a1 c4e7785a19176644b06dfa26f4ee6df1e0fc7ef7e65403c6d9c8208fade23889 Loading...

	www.sg-bigpromo-76.com/cgi-bin/wingame.pl?	2.9 kB	2023-03-07	2024-03-27
Pretty URL www.sg-bigpromo-76.com/cgi-bin/wingame.pl? IP 104.18.42.120 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:40 Last Seen2024-03-27 02:14:42 Times Seen142 Hash 8f844149e7f42121069aecaac33b39d1 470fa242d44e1f8d909200723c8680024860483e 1b694f99a79e26d1ef7459a6759cb3e4a6a7e7b6e3f1e199dce185d71b955f5a Loading...

		Size	First Seen	Last Seen
	#1 Eval - 372312e323c9d6b3f53eefa2ab96ce31	37 B	2023-03-07	2023-05-03
Pretty Observations First Seen2023-03-07 01:11:40 Last Seen2023-05-03 00:58:57 Times Seen30 Hash 372312e323c9d6b3f53eefa2ab96ce31 cab1ddd7e352e5d1d0683207b9affcf902799e63 c7c863c5380711a4ba46d00eb8cabf7fbfc119abf20e621046b1f068e9630efc Loading...

HTTP Transactions (65)

URL IP Response Size

www.sg-bigpromo-76.com/cgi-bin/wingame.pl

104.18.42.120

302 Found

75 B

URL HTTP/1.1
www.sg-bigpromo-76.com/cgi-bin/wingame.pl
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
278a5de51b26a661d081823418d176cb
76eb605dc938405c43388dbc5520147b79973d3f
3642e910b2c4bb523877680d380499f645972b67c6c7f97af90746360ba7cdb1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cgi-bin/wingame.pl HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sun, 06 Nov 2022 07:08:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
URI: <https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?>
X-Map-Context: sg
X-Served-By: d-01
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765bfed63d5d0b4d-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Sun, 06 Nov 2022 08:12:27 GMT
Date: Sun, 06 Nov 2022 07:08:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4470
Cache-Control: max-age=99454
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:00 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:45:34 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2241
Cache-Control: max-age=97225
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:00 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:08:25 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 06 Nov 2022 06:43:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Sun, 06 Nov 2022 08:11:08 GMT
Date: Sun, 06 Nov 2022 07:08:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: umD/9p5crMHdE8+X/PZumR3FcUB3bXxPdcLNtTUcd7BluQhyUG2EwTLJ5s4ta1MkfVbdxmq95f4=
x-amz-request-id: 3TMPTYXHKY5ZMK1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 06:10:20 GMT
age: 3460
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 07:08:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
21426503059f8196126a602dd402b115
4651a3dfc018bed83a188cfa1777db66d10c0387
906aad00d69b4836b7d786226940376aa7398db17deee7dcec133659329aaa88

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "906AAD00D69B4836B7D786226940376AA7398DB17DEEE7DCEC133659329AAA88"
Last-Modified: Sat, 05 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sun, 06 Nov 2022 13:07:02 GMT
Date: Sun, 06 Nov 2022 07:08:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5097
Cache-Control: max-age=95023
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:31:44 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.140.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.140.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cFBL3Y3efePVQBbmxmobng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +ANTRWaHKMBdOdhiHYypnl98OB4=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4508201a8f6e5bb1841401f1b765bdda
28d88e47e51c70b30b5ddcf22fd3627187f79a51
b8e8ff2cdb6d20f146db2aa34b376f0b3b3bece28334fc6acf6eb468bfca17fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5601
Cache-Control: max-age=169356
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Etag: "636739fc-117"
Expires: Tue, 08 Nov 2022 06:10:37 GMT
Last-Modified: Sun, 06 Nov 2022 04:37:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png

104.18.42.120

200 OK

22 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21767 bytes)
Hash
7981da3a02a5756780c085f1f0c3fb19
7d1afa793be355b01b7fd2e50ba783204cbb1047
4ef88b4d9af615ce74727672a2a6600052d4a66b3ac52763c34545fc599fbb14

HTTP Headers

GET /files/web/freetest/_images/image_1049_929_1596511615_cp_image_42_929_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 21767
last-modified: Tue, 04 Aug 2020 03:26:55 GMT
etag: "5f28d57f-5507"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea0c1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png

104.18.42.120

200 OK

22 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21544 bytes)
Hash
fb3179b1bc6a0e16b7e7cdcec81a2dbe
2751107432076aca4bc2976374240e8f4b4f9c65
966920de5000bf33ff4b2ac41928716f8572053e53b894ab017143a59115cec6

HTTP Headers

GET /files/web/freetest/_images/image_1049_925_1596511614_cp_image_42_925_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 21544
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-5428"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa071c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png

104.18.42.120

200 OK

22 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 289 x 301, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22240 bytes)
Hash
bd81aeb07c60b9be44a848d07fdcb044
ec650a2422feb29605fb94eed562f37cf35947f1
86d02a86afcc245d53be26b56b724eff30c90c0d9de1143fcbabc4943e67a5a1

HTTP Headers

GET /files/web/freetest/_images/image_1049_927_1596511614_cp_image_42_927_1573524638.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 22240
last-modified: Tue, 04 Aug 2020 03:26:54 GMT
etag: "5f28d57e-56e0"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa081c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png

104.18.42.120

200 OK

72 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
72 kB (72459 bytes)
Hash
ae5004d1c0d0f375f9d8ab4f2372edf1
d44167cb48e66c411d8439eb7d3a5538749c7329
c070523be8a4f81b4aeaf351744001d17e7883dd54b9fc4f5376a3ceffbf1e40

HTTP Headers

GET /files/web/freetest/_images/image_1049_890_1596511612_cp_image_42_890_1574740536.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 72459
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-11b0b"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea0f1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png

104.18.42.120

200 OK

71 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (70868 bytes)
Hash
578da5634cb60866130d1ec589afb392
8b2e75e1ad26cc368d4e8e243b8b5ed1674c7dc0
17164a0d41aa14cf37a0c0fc99cbdc4c496d91dd5015e1a488c2acb18a8c6c50

HTTP Headers

GET /files/web/freetest/_images/image_1049_886_1596511612_cp_image_42_886_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 70868
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-114d4"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa051c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png

104.18.42.120

200 OK

58 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (57530 bytes)
Hash
a93eefeabd3f51a47c11f4ef085c216d
cc6a9c3e55ffcfb4d4de4079f820aadf03c101fc
a19953eea68cc0ddf20778a10207d79347742a4957ca7a17d36715ad36ab5c49

HTTP Headers

GET /files/web/freetest/_images/image_1049_888_1596511612_cp_image_42_888_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 57530
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-e0ba"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea0d1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png

104.18.42.120

200 OK

77 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 285 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
77 kB (76611 bytes)
Hash
2f3dd28b519f2dca8c9e1c3951e1fef1
87a5cd0c89c018ee7487137943b86a7629900aa9
000f05262c894def5376da7f83f3771a1de7ec9babd5bb81d1dacbf58a9fb26e

HTTP Headers

GET /files/web/freetest/_images/image_1049_887_1596511612_cp_image_42_887_1574740535.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 76611
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-12b43"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfededa061c0e-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4508201a8f6e5bb1841401f1b765bdda
28d88e47e51c70b30b5ddcf22fd3627187f79a51
b8e8ff2cdb6d20f146db2aa34b376f0b3b3bece28334fc6acf6eb468bfca17fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6076
Cache-Control: max-age=169830
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:02 GMT
Etag: "636739fc-117"
Expires: Tue, 08 Nov 2022 06:18:32 GMT
Last-Modified: Sun, 06 Nov 2022 04:37:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png

104.18.42.120

200 OK

160 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 385 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
160 kB (159989 bytes)
Hash
a56dc40996d5413b2407ad228b34473f
5922cc501e4d244a37d33c58bb6518cacb5f98c0
273cb9ebfe1499aedb2cfe631024f0105a87db5b46de63e4b5e0e1a664d97be8

HTTP Headers

GET /files/web/freetest/_images/image_1049_889_1596511612_cp_image_42_889_1573524648.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/png
content-length: 159989
last-modified: Tue, 04 Aug 2020 03:26:52 GMT
etag: "5f28d57c-270f5"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedeea121c0e-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sg-bigpromo-76.com/_global/css/default.css?2022-11-05.1

104.18.42.120

200 OK

2.1 kB

URL HTTP/2
www.sg-bigpromo-76.com/_global/css/default.css?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.1 kB (2071 bytes)
Hash
39d30dffabe41e82cfa24867000fb60c
4648f262cd007ec6a5c9a1ad424c6cc80eb3dd4c
ab9f3445fc54947390f7831f8265ca071db5782001bcd5ba01932fba43c99e21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_global/css/default.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 18 Feb 2019 07:52:24 GMT
etag: W/"5c6a6438-10e7"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f21c0e-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 300834
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 300834
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 07:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg

104.18.42.120

200 OK

608 B

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_229_1378106311.jpg
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
608 B (608 bytes)
Hash
c7a4402e1abfec8f38800db3e86cfea2
eae15512a0aae169abe6ded46981cf6e9288b5b7
890f6941b244a49e8d6a90df00cb780cc295b7d31cdf67792a832530d20d814e

HTTP Headers

GET /files/web/sponsor/_logos/logo1_229_1378106311.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 608
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1194
content-disposition: inline; filename="logo1_229_1378106311.webp"
etag: "52243bc8-4aa"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Mon, 02 Sep 2013 07:18:32 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-01
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b981c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png

104.18.42.120

200 OK

726 B

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_542_1450867072.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
726 B (726 bytes)
Hash
be448a9615e7d375713dc637cfe17789
c1d94e0fc95a5f04ce1bc1a3b48abc68b8fc823c
c95c5e48a09c56495b3523649198202ef08d73f0d3962ba30ae53a5e80ba7aa3

HTTP Headers

GET /files/web/sponsor/_logos/logo1_542_1450867072.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 726
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1302
content-disposition: inline; filename="logo1_542_1450867072.webp"
etag: "567a7981-516"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Wed, 23 Dec 2015 10:37:53 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-04
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b9c1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg

104.18.42.120

200 OK

1.2 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_441_1490784069.jpg
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1164 bytes)
Hash
bea05d5e3f048a59282a1587144f13d6
de4021ec4f35fd27e41881a63b7d63a4966c8d61
a19689df10ea877f35bf362e844065f6ed6058356928365beca879db82b2f9bf

HTTP Headers

GET /files/web/sponsor/_logos/logo1_441_1490784069.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 1164
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=12940
content-disposition: inline; filename="logo1_441_1490784069.webp"
etag: "58db8f45-328c"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Wed, 29 Mar 2017 10:41:09 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-04
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b9e1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png

104.18.42.120

200 OK

970 B

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_27_1343995230.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
970 B (970 bytes)
Hash
f3b45fd5fcec92bfed3a707401d85a0f
ef0e2d66f1894c0f7afdea43b137aa1d52d70c31
66ee3e588c742b1b103f0f3b2a0ca01a71ab39b55d7f51185b69a4d47b12a4a7

HTTP Headers

GET /files/web/sponsor/_logos/logo1_27_1343995230.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 970
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2601
content-disposition: inline; filename="logo1_27_1343995230.webp"
etag: "5028c5ef-a29"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Mon, 13 Aug 2012 09:16:31 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-03
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee11ba91c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png

104.18.42.120

200 OK

1.3 kB

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_logos/logo1_543_1527859615.png
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1274 bytes)
Hash
00e9dc3f13275ec6c8c598d745f29fce
3bcb80f4e21884fa6cd3fd4582f1c131cb04223b
12912fc02740bb9d3390b83f10d7974d8ff6fb3482cea3b73e782fcf1d727b59

HTTP Headers

GET /files/web/sponsor/_logos/logo1_543_1527859615.png HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/webp
content-length: 1274
cache-control: public, max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3090
content-disposition: inline; filename="logo1_543_1527859615.webp"
etag: "5b11499f-c12"
expires: Mon, 07 Nov 2022 07:08:02 GMT
last-modified: Fri, 01 Jun 2018 13:26:55 GMT
strict-transport-security: max-age=31536000
vary: Accept
x-map-context: sg
x-served-by: d-03
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 765bfee10b9f1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg

104.18.42.120

200 OK

27 kB

URL HTTP/2
www.sg-bigpromo-76.com/_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x603, components 3\012- data
Size
27 kB (26983 bytes)
Hash
cc26fcca4a111a7607dbbc38d85f8bc0
067658a2e35d6d23d84795e0dfe2560051c493f0
5f3f5bf2b2567a61e56f292ceac28e5283dac84e983754e0e3e75c093e5cad9d

HTTP Headers

GET /_static/_global/_supload/images/bg_supermarket_sg-pre_01.jpg HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/jpeg
content-length: 26983
etag: "2387602037"
last-modified: Tue, 12 Nov 2019 02:07:13 GMT
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfee11ba81c0e-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

4.2 kB

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.2 kB (4179 bytes)
Hash
6b737a56fb760f422c47d1961c6479ea
cd1ea4beb71e9ba7a0bbb09a02e45c0ba0d38abf
9bf181c33c9511db95dd80c5109f3410e492e32dca527ec0028257c398b7799c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 07:08:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 00:45:32 GMT
Expires: Thu, 10 Nov 2022 00:45:31 GMT
Etag: "c55ecf8e137313390118d8f5adc63bb11fc30223"
Cache-Control: max-age=322048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765bfee38baafac4-OSL

sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com

116.203.25.165

200 OK

29 kB

URL HTTP/2
sgapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com
IP
116.203.25.165:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
29 kB (29094 bytes)
Hash
e803080db5ff00e62849a5351257b5e2
66ef0f9051e9378c6d3b5de86af3ea7131e04cbb
304853630156b99b4958106cbdf912b4f063e0454a9eac6847be9a41f197d672

HTTP Headers

GET /iframe?origin=https%3A%2F%2Fwww.sg-bigpromo-76.com HTTP/1.1
Host: sgapac.mycleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
x-robots-tag: noindex
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: EXPIRED
x-backend-server: cleverpush-worker-2
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4655
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:08:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4655
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:08:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4655
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:08:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4655
Expires: Sun, 06 Nov 2022 08:25:37 GMT
Date: Sun, 06 Nov 2022 07:08:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8961 bytes)
Hash
dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 33822
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11535 bytes)
Hash
b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 32345
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5924 bytes)
Hash
a8423ab18c5c01b37008421d5f759d13
b285226d6b0bbd979fa2a9775be7cbb07c008aac
55a8c2181fe43644c158a466596218735693a89170454fc7e918a13fb93816db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5924
x-amzn-requestid: 0d34d489-9d9e-4fcb-835b-6ea0292ec429
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabZFOPoAMFdvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77b-16a732a9498bfe3078ccf001;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d4_ZqFNs0orcXlsijqAHrm00n8vIL_yzmLqfL0VlZHdEJLQDj-Pi2g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 33822
etag: "b285226d6b0bbd979fa2a9775be7cbb07c008aac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7573 bytes)
Hash
b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 13388
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8309 bytes)
Hash
3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JpXdvmvvQH1vfmG3IY6l-viZNIwPCuCBMdnRl78XNVFNE2FgSxqXJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:14:38 GMT
age: 32004
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 09:11:34 GMT
age: 78988
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.cleverpush.com/channel/confirm-alert

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/confirm-alert
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kB4HSLlYpdLSvb%2BKV2fMcQFFawyK5yGH7oy%2Ft0c1JY1dD2VRAXLQu%2Fq3vZhDkq%2FUjEN%2F6PXZZFImzZrfW5EpNzcO5QHgW2RvTlg28IONj3TCV35q2ku5yFCAekt25R%2BGN1OqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee6cc57b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.cleverpush.com/channel/optin-visitor

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/optin-visitor
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.sg-bigpromo-76.com/
Origin: https://www.sg-bigpromo-76.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3h8PQCculjBrC2yjwm7l4PaS8%2BS71H5LN14pHFX5RAmnMPOon2qSEZx5y8mFdqvgOUzPSMzFKZpiFXiaVBMiVDyFkNXTgG15FVPGAx35Z4lVyTcW7NQpHomp4KLHMyV%2BzbwKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee6bc49b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/wingame/50/js/sweepstake.js?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wingame/50/js/sweepstake.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Jun 2020 08:52:50 GMT
etag: W/"5eddfc62-ba3"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfededa011c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 18 Aug 2016 09:52:51 GMT
etag: W/"57b58573-71c7"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f31c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/cgi-bin/wingame.pl?

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cgi-bin/wingame.pl? HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/html;charset=UTF-8
x-firstpage: 1
x-page: pregame
x-map-context: sg
x-served-by: d-03
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765bfed99f1a1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_global/wingame/74/themes/black_000000/css/theme.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2017 08:06:31 GMT
etag: W/"5a265387-25ef"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f91c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/wingame/74/js/series.js?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_global/wingame/74/js/series.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Nov 2020 12:42:01 GMT
etag: W/"5fbe5119-3e54"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfeded9ff1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/js/scripts.js?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/js/scripts.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Jul 2022 07:31:48 GMT
etag: W/"62d900e4-dd9a"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9fc1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/wingame/74/css/series.css?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/wingame/74/css/series.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 19 Apr 2022 09:50:17 GMT
etag: W/"625e85d9-616e"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f41c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/wingame/global/js/global.js?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wingame/global/js/global.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 09:57:38 GMT
etag: W/"5ec3ad92-1ef"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfeded9fd1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/wingame/50/css/sweepstake.css?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wingame/50/css/sweepstake.css?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-179b"
x-map-context: sg
x-served-by: d-02
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9f81c0e-OSL
X-Firefox-Spdy: h2

static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js

104.26.15.31

200 OK

0 B

URL HTTP/2
static.cleverpush.com/channel/loader/3zxL2HhGxKQQZYwsP.js
IP
104.26.15.31:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /channel/loader/3zxL2HhGxKQQZYwsP.js HTTP/1.1
Host: static.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: application/javascript
x-amz-id-2: MGdLOs49PvjsNWhnsdgSjIZPB46kn8NzN0fqggWXyHMm3LXJH7MmWdAz6a4vSCu7W2T7uIknZ5A=
x-amz-request-id: 9W80MN4HX73HCAKX
last-modified: Sat, 05 Nov 2022 00:02:37 GMT
etag: W/"3eac6de141d4ffde26c2773bd1827bb5"
cache-control: public, max-age=21600
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6ZgkuSoIlsmmFAifmwJ6siVxNiDoTKKtaX0T9uXrSPocUnmOnTcFhCmrR90aQr%2BBGft%2BltjzBdCIrCKuBsahc%2BD1cHfewoqoEUTfMbyMmaMJ19216ODLeHuf%2BTPscutRmkb3yH2YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfedf4c420b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 07:08:01 GMT
date: Sun, 06 Nov 2022 07:08:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/files/web/sponsor/_sponsoren/script_50.js
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /files/web/sponsor/_sponsoren/script_50.js HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 08:39:05 GMT
etag: W/"6360db29-fbf"
x-map-context: sg
x-served-by: d-01
expires: Mon, 07 Nov 2022 07:08:01 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfededa041c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-11-05.1 HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 10 Nov 2017 11:48:17 GMT
etag: W/"5a059201-15e64"
x-map-context: sg
x-served-by: d-03
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 765bfedec9fb1c0e-OSL
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/favicon.ico

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/favicon.ico
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:02 GMT
content-type: image/x-icon
last-modified: Mon, 04 May 2020 09:08:58 GMT
etag: W/"5eafdbaa-10be"
x-map-context: sg
x-served-by: d-04
expires: Mon, 07 Nov 2022 07:08:02 GMT
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 765bfee33ce71c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show

104.18.42.120

200 OK

0 B

URL HTTP/2
www.sg-bigpromo-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show
IP
104.18.42.120:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show HTTP/1.1
Host: www.sg-bigpromo-76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sg-bigpromo-76.com/cgi-bin/wingame.pl?
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: text/html
x-map-context: sg
x-served-by: d-02
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765bfee69ecc1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

api.cleverpush.com/channel/optin-visitor

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/optin-visitor
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /channel/optin-visitor HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sg-bigpromo-76.com/
Content-Type: application/json
Origin: https://www.sg-bigpromo-76.com
Content-Length: 54
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lbf6TRfithHsPiibKhYjGFu%2Bw2NdL7sE0mamQrMb0NcKe%2FddEscOhyy5UM789GLrEsRdpm8VYaYKdfXhWuuaJZx62Oktz3DyCy88b%2F%2FcFuUoGwSvYEHatZ6JVc7TuvMkQ%2BHEig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee71ce0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.cleverpush.com/channel/confirm-alert

172.67.71.184

200 OK

0 B

URL HTTP/2
api.cleverpush.com/channel/confirm-alert
IP
172.67.71.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /channel/confirm-alert HTTP/1.1
Host: api.cleverpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.sg-bigpromo-76.com/
Content-Type: application/json
Origin: https://www.sg-bigpromo-76.com
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 06 Nov 2022 07:08:03 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
strict-transport-security: max-age=15724800; includeSubDomains
x-backend-server: cleverpush-worker-15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHEchNiI%2F%2FjLuOCq0y3Nn8w%2F3gZGxa8XXmE11QSiUf27XrSpm0SSqY6aLc1icEwClgmOBtjDBM%2BSmejPS44bWwNx6k8YVPPo%2BjLRDnMx%2BE6oOBuGWMUjlDnqgPXOgo0O7i%2FfYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765bfee71cd7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations